Re: Nikto in Nessus Report

Wed, 19 Mar 2008 08:50:55 -0700 

11213, 10916, 10915


11213 == xst_http_trace.nasl
10916 == smb_localusers_pwexpiry.nasl
10915 == smb_localusers_neverloggedon.nasl


If you're sure the only configuration change between 2 and 3 was the  
"Enable Nikto" preference, is it possible resource congestion issues  
on the network or target host could be affecting your results? The  
second two here are local checks, so I find it odd they'd be  
influenced by whether the Nikto plugin is enabled or not.



I start thinking that it wasn't Nikto that made difference on the  
report from step 2 to 3. I scanned a different host today, but the  
reports are exactly the same with or without nikto wrapper or with  
the "Enable Nikto" preference. Nikto.nasl lauched even without  
"Enable Nikto" preference.



Ok. That's not unexpected -- the plugin would start and then exit when  
it finds the plugin preference has not been set.



I searched the entire reports for both hosts, but 14260 does not  
appear any where.




I assume you've tested Nikto outside of Nessus and know that it runs.  
It might be interesting, though, to have Nessus call it indirectly,  
via a wrapper such as the following:



#!/usr/bin/perl

my $cmd = "/usr/bin/nikto.pl-orig";
my $log = "/tmp/scan.log.$$";

open(LOG, ">>$log") or die "Can't open $log - $!\n";

$cmd .= " " . join(" ", @ARGV);
print LOG "debug: running '$cmd'.\n";

my @output;
open(CMD, "$cmd 2>&1 | ") or die "Can't run $cmd - $!\n";
print LOG "debug: output follows:\n";
while (<CMD>) {
  chomp($_);
  print LOG "debug:   $_\n";
  print "$_\n";
}
close(CMD);

print LOG "debug: finished.\n";
close(LOG);





To use this, first rename your existing nikto.pl to something like  
nikto.pl-orig, then save the wrapper in the same directory as nikto.pl- 
orig. Then edit the wrapper script and adjust as necessary the bang- 
path and location of nikto.pl-orig. When you run your scan, Nessus  
will call the wrapper script, which in turn will call the real nikto  
script and log the calling arguments as well as its output to a file.   
[Remember when you're finished to remove the wrapper and rename  
nikto.pl-orig.]


George
--
[EMAIL PROTECTED]
_______________________________________________
Nessus mailing list
[email protected]
http://mail.nessus.org/mailman/listinfo/nessus





















					Reply via email to