Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Nessus-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: nikto plugin

from [Jared Breland] Network Security [Permanent Link]
Subject: Re: nikto plugin
Date: Tue, 22 Feb 2005 18:11:26 -0600
on 2/22/2005 11:30 AM Sullo said the following: 
Jared

To help determine if Nikto is even running against the target, you can edit
Nikto's config.txt and enable the CLIOPTS setting and have it dump all output to a file. When it runs, anything being printed by Nikto will also be saved to this file. For example:
CLIOPTS=-o /tmp/output.txt

This may help debug where exactly the problem is (calling nikto, nikto running, output going back to nessus, etc.).

Hmm... this is interesting. I added the CLIOPTS line to my nikto.cfg file as suggested and ran a nikto scan. Sure enough, all output was copied to /tmp/output.txt. I then deleted the file and ran a Nessus scan, with nikto enabled, against the same host. According nessusd.messages, nikto.nasl was launched, but it exited after 0.009 seconds, and NO OUTPUT was copied to /tmp/output.txt.

So, it looks like the plugin is running, but for some reason it's not actually firing off Nikto. Getting closer... :-)

Is there any extra debugging I can do in Nessus itself? Something to give me a better indication of what's going wrong?

Thanks,
--
Jared

_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus

[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: find_service.nes hanging on 2.2.3 linux, Renaud Deraison
Next by Date:  Is "Get Identd info" used at all?, Jesper S. Jensen
Previous by Thread:  Re: nikto plugin, Sullo
Next by Thread:  RE: nikto plugin, Discini, Sonny
Indexes:  [Date] [Thread] [Top] [All Lists]