
2.1.6 - running nikto from bash script produces incorrect results

Open stevecoward opened this issue 9 years ago • 4 comments

System: Kali Linux, Nikto 2.1.6

Given script run-nikto.sh:


#!/bin/bash
# run-nikto.sh: run a verbose (-D V) nikto scan of one host on port 80
command="nikto -D V -h 192.168.1.143 -p 80"
echo "executing nikto..."
eval $command
echo "all done!"

Results: see the output at the end of this issue.

Running this with nikto 2.1.5 and lower all produce expected results. The same issue occurs when attempting to execute nikto via python subprocess as well. I'm curious to know what changed between 2.1.5 and 2.1.6 to produce the result "+ 0 host(s) tested".

executing nikto...

- Nikto v2.1.6

V:Sun Sep 7 15:14:18 2014 - Initialising plugin nikto_siebel
V:Sun Sep 7 15:14:18 2014 - Loaded "Siebel Checks" plugin.
V:Sun Sep 7 15:14:18 2014 - Initialising plugin nikto_auth
V:Sun Sep 7 15:14:18 2014 - Loaded "Guess authentication" plugin.
V:Sun Sep 7 15:14:18 2014 - Initialising plugin nikto_robots
V:Sun Sep 7 15:14:18 2014 - Loaded "Robots" plugin.
V:Sun Sep 7 15:14:18 2014 - Initialising plugin nikto_content_search
V:Sun Sep 7 15:14:18 2014 - Loaded "Content Search" plugin.
V:Sun Sep 7 15:14:18 2014 - Initialising plugin nikto_sitezip
V:Sun Sep 7 15:14:18 2014 - Loaded "Site Zip" plugin.
V:Sun Sep 7 15:14:18 2014 - Initialising plugin nikto_report_xml
V:Sun Sep 7 15:14:18 2014 - Loaded "Report as XML" plugin.
V:Sun Sep 7 15:14:18 2014 - Initialising plugin nikto_cgi
V:Sun Sep 7 15:14:18 2014 - Loaded "CGI" plugin.
V:Sun Sep 7 15:14:18 2014 - Initialising plugin nikto_headers
V:Sun Sep 7 15:14:18 2014 - Loaded "HTTP Headers" plugin.
V:Sun Sep 7 15:14:18 2014 - Initialising plugin nikto_put_del_test
V:Sun Sep 7 15:14:18 2014 - Loaded "Put/Delete test" plugin.
V:Sun Sep 7 15:14:18 2014 - Initialising plugin nikto_subdomain
V:Sun Sep 7 15:14:18 2014 - Loaded "Sub-domain forcer" plugin.
V:Sun Sep 7 15:14:18 2014 - Initialising plugin nikto_report_sqlg
V:Sun Sep 7 15:14:18 2014 - Loaded "Generic SQL reports" plugin.
V:Sun Sep 7 15:14:18 2014 - Initialising plugin nikto_negotiate
V:Sun Sep 7 15:14:18 2014 - Loaded "Negotiate" plugin.
V:Sun Sep 7 15:14:18 2014 - Initialising plugin nikto_tests
V:Sun Sep 7 15:14:18 2014 - Loaded "Nikto Tests" plugin.
V:Sun Sep 7 15:14:18 2014 - Initialising plugin nikto_parked
V:Sun Sep 7 15:14:18 2014 - Loaded "Parked Detection" plugin.
V:Sun Sep 7 15:14:18 2014 - Initialising plugin nikto_multiple_index
V:Sun Sep 7 15:14:18 2014 - Loaded "Multiple Index" plugin.
V:Sun Sep 7 15:14:18 2014 - Initialising plugin nikto_paths
V:Sun Sep 7 15:14:18 2014 - Loaded "Path Search" plugin.
V:Sun Sep 7 15:14:18 2014 - Initialising plugin nikto_core
V:Sun Sep 7 15:14:18 2014 - Initialising plugin nikto_apache_expect_xss
V:Sun Sep 7 15:14:18 2014 - Loaded "Apache Expect XSS" plugin.
V:Sun Sep 7 15:14:18 2014 - Initialising plugin nikto_apacheusers
V:Sun Sep 7 15:14:18 2014 - Loaded "Apache Users" plugin.
V:Sun Sep 7 15:14:18 2014 - Initialising plugin nikto_report_html
V:Sun Sep 7 15:14:18 2014 - Loaded "Report as HTML" plugin.
V:Sun Sep 7 15:14:18 2014 - Initialising plugin nikto_embedded
V:Sun Sep 7 15:14:18 2014 - Loaded "Embedded Detection" plugin.
V:Sun Sep 7 15:14:18 2014 - Initialising plugin nikto_httpoptions
V:Sun Sep 7 15:14:18 2014 - Loaded "HTTP Options" plugin.
V:Sun Sep 7 15:14:18 2014 - Initialising plugin nikto_cookies
V:Sun Sep 7 15:14:18 2014 - Loaded "HTTP Cookie Internal IP" plugin.
V:Sun Sep 7 15:14:18 2014 - Initialising plugin nikto_favicon
V:Sun Sep 7 15:14:18 2014 - Loaded "Favicon" plugin.
V:Sun Sep 7 15:14:18 2014 - Initialising plugin nikto_report_csv
V:Sun Sep 7 15:14:18 2014 - Loaded "CSV reports" plugin.
V:Sun Sep 7 15:14:18 2014 - Initialising plugin nikto_report_text
V:Sun Sep 7 15:14:18 2014 - Loaded "Text reports" plugin.
V:Sun Sep 7 15:14:18 2014 - Initialising plugin nikto_ssl
V:Sun Sep 7 15:14:18 2014 - Loaded "SSL and cert checks" plugin.
V:Sun Sep 7 15:14:18 2014 - Initialising plugin nikto_dictionary_attack
V:Sun Sep 7 15:14:18 2014 - Loaded "Dictionary attack" plugin.
V:Sun Sep 7 15:14:18 2014 - Initialising plugin nikto_fileops
V:Sun Sep 7 15:14:18 2014 - Loaded "File Operations" plugin.
V:Sun Sep 7 15:14:18 2014 - Initialising plugin nikto_outdated
V:Sun Sep 7 15:14:18 2014 - Loaded "Outdated" plugin.
V:Sun Sep 7 15:14:18 2014 - Initialising plugin nikto_ms10_070
V:Sun Sep 7 15:14:18 2014 - Loaded "ms10-070 Check" plugin.
V:Sun Sep 7 15:14:18 2014 - Initialising plugin nikto_report_nbe
V:Sun Sep 7 15:14:18 2014 - Loaded "NBE reports" plugin.
V:Sun Sep 7 15:14:18 2014 - Initialising plugin nikto_msgs
V:Sun Sep 7 15:14:18 2014 - Loaded "Server Messages" plugin.
V:Sun Sep 7 15:14:18 2014 - Initialising plugin nikto_clientaccesspolicy
V:Sun Sep 7 15:14:18 2014 - Loaded "clientaccesspolicy.xml" plugin.
V:Sun Sep 7 15:14:18 2014 - Getting targets
V:Sun Sep 7 15:14:18 2014 - Opening reports (none, )
V:Sun Sep 7 15:14:18 2014 - 6677 server checks loaded
V:Sun Sep 7 15:14:18 2014 - Running start for "HTTP Headers" plugin
V:Sun Sep 7 15:14:18 2014 - Running start for "Embedded Detection" plugin
V:Sun Sep 7 15:14:18 2014 - Running start for "Favicon" plugin
V:Sun Sep 7 15:14:18 2014 - Running start for "Guess authentication" plugin
V:Sun Sep 7 15:14:18 2014 - Running start for "Content Search" plugin
+ 0 host(s) tested
V:Sun Sep 7 15:14:18 2014 + 0 requests made in 0 seconds
all done!

stevecoward (Sep 07 '14 19:09)

Non-issue. User error.

My script creates folders per IP and when nikto goes to determine if the target param is a file or string (sub set_targets() in nikto_core.plugin), nikto does a -e file test operator on each $host. Thus, in my case, since nikto was able to evaluate my target IP as a folder, 0 hosts were saved to @hosts (failed the parse_hostfile() check).

stevecoward (Sep 07 '14 20:09)

> Non-issue. User error.
>
> My script creates folders per IP and when nikto goes to determine if the target param is a file or string (sub set_targets() in nikto_core.plugin), nikto does a -e file test operator on each $host. Thus, in my case, since nikto was able to evaluate my target IP as a folder, 0 hosts were saved to @hosts (failed the parse_hostfile() check).

Thank you @stevecoward! I've been tearing my hair out over the exact same issue.

Have you found a workaround?

(edit: figured it out. Just need to cd to a different path before executing nikto. 😑)

nestedfunction (May 19 '22 07:05)

Hmm that's curious. I think it should use -f instead of -e as that will not only confirm if it exists but also if it's a file.

In the 2.5.0 branch, could you change nikto_core.plugin line 1211 from:

    if (-e $host || $host eq "-") {

to:

    if (-f $host || $host eq "-") {

and retry as you had it?

I suspect that will resolve it, but if you can confirm I'd appreciate it and I'll then update the source.

sullo (May 19 '22 13:05)
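The failure stevecoward traced to set_targets() and the -e versus -f distinction sullo proposes can both be reproduced with the shell's own file test operators, without running nikto. The script below is an added example written for this page; it is not nikto's code and not the issue author's script. The per-IP directory 192.168.1.143 is constructed to match the issue, classify() mirrors the Perl condition quoted above, and run_nikto is a hypothetical wrapper that assumes nikto is on PATH.

```shell
#!/usr/bin/env bash
# Added example, not nikto's code. Reproduces the "is the -h target a file?"
# decision from nikto 2.1.6's set_targets() with shell test operators so the
# -e vs -f difference is visible without a scan.
set -eu

# classify OP TARGET: how "-h TARGET" is interpreted when set_targets() uses the
# test operator OP (-e as in 2.1.6, -f as proposed). Mirrors the Perl line
#   if (-e $host || $host eq "-") { ...treat $host as a host-list file... }
# Prints "file" (target handed to parse_hostfile(), so the IP itself is never
# scanned) or "host" (target scanned as given).
classify() {
  local op="$1" target="$2"
  if [ "$op" "$target" ] || [ "$target" = "-" ]; then
    echo file
  else
    echo host
  fi
}

# demo: recreate the issue's layout, a per-IP output directory in the working
# directory named exactly like the target, and compare both operators there.
demo() {
  local work
  work=$(mktemp -d)
  mkdir "$work/192.168.1.143"            # constructed: the per-IP folder from the issue
  (
    cd "$work"
    echo "with -e, 192.168.1.143 is a: $(classify -e 192.168.1.143)"   # file
    echo "with -f, 192.168.1.143 is a: $(classify -f 192.168.1.143)"   # host
  )
  rm -rf "$work"
}

# run_nikto HOST [PORT]: hypothetical wrapper (not part of nikto). Refuses to run
# when HOST names an existing path in the working directory, the condition that
# turned "-h 192.168.1.143" into "+ 0 host(s) tested", and calls nikto directly
# with quoted arguments instead of through eval, so a target string taken from
# input can never be re-parsed as shell. Assumes nikto is on PATH.
run_nikto() {
  local host="$1" port="${2:-80}"
  if [ -e "$host" ]; then
    echo "refusing to run: '$host' exists in $(pwd); nikto 2.1.6 would read it as a host file" >&2
    return 1
  fi
  nikto -D V -h "$host" -p "$port"
}

demo
```

The same collision applies to a Python subprocess call, because the check is on the child's working directory, not on how the command was launched; changing directory before the call, as nestedfunction did, or checking as run_nikto does, avoids it.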

You may also get value from using the -Save . syntax when running.

You may want to read this wiki page: https://github.com/sullo/nikto/wiki/Saving-Requests-Responses-&-Replaying

You can use the -Save . option to automatically create a unique directory per host, which will output all findings into a JSON file each. Each file has the raw request and finding info, as well as a JSON object for the request and a separate one for the response. Depending on your needs this may be easier.

You can also do the same with file names by using -F json -o . to create a unique file per target with JSON format.

sullo (May 19 '22 13:05)