Changeset 501
- Timestamp: 08/10/2010 03:45:52 AM (3 years ago)
- Location: documentation
- Files: 2 edited
  - doc.xml (modified) (18 diffs)
  - sections/options.xml (modified) (1 diff)
documentation/doc.xml
r492 r501 6 6 ]> 7 7 <book> 8 <title>Nikto v2.1. 2- The Manual</title>8 <title>Nikto v2.1.3 - The Manual</title> 9 9 10 10 <chapter id="introduction"> … … 79 79 several years of improvements.</para> 80 80 81 <para>In 2008, due to other commitments, Sullo, the original author82 couldn't continue to support Nikto and the code was released under the83 GPL and passed to the community for support.</para>81 <para>In 2008, David Lodge officially joined the development team and 82 assumed leadership of Nikto while Chris Sullo pursued another 83 committment. In 2009, Sullo rejoined the project.</para> 84 84 </section> 85 85 </chapter> … … 120 120 exist for ActiveState's Perl.</para> 121 121 122 <para>For support for logging to Metasploit, the RPC::XML and RPC::XML::Client123 modules must be installed. Nikto will operate with these modules,124 but the functionality will not be available.</para>122 <para>For support for logging to Metasploit, the RPC::XML and 123 RPC::XML::Client modules must be installed. Nikto will operate with 124 these modules, but the functionality will not be available.</para> 125 125 126 126 <itemizedlist> … … 143 143 <para>OpenSSL: <ulink 144 144 url="http://www.openssl.org/">http://www.openssl.org/</ulink></para> 145 </listitem> 146 147 <listitem> 148 <para>Perl modules RPC::XML::Client and RPC::XML for Metasploit 149 logging integration</para> 145 150 </listitem> 146 151 </itemizedlist> … … 308 313 url="http://www.nessus.org/">http://www.nessus.org/nessus/</ulink>) can 309 314 be configured to automatically launch Nikto when it finds a web server. 310 Ensure Nikto works properly, that nikto.pl is in the PATH, and that nikto.nasl 311 is present in the Nessus install. 
Run 'nessusd -R' and then restart nessusd.</para> 312 <para>See <ulink url="http://blog.tenablesecurity.com/2008/09/using-nessus-to.html"> 313 http://blog.tenablesecurity.com/2008/09/using-nessus-to.html</ulink> for detailed 314 instructions.</para> 315 Ensure Nikto works properly, that nikto.pl is in the PATH, and that 316 nikto.nasl is present in the Nessus install. Run 'nessusd -R' and then 317 restart nessusd.</para> 318 319 <para>See <ulink 320 url="http://blog.tenablesecurity.com/2008/09/using-nessus-to.html">http://blog.tenablesecurity.com/2008/09/using-nessus-to.html</ulink> 321 for detailed instructions.</para> 322 </section> 323 324 <section> 325 <title>Interactive Features</title> 326 327 <para>Nikto contains several options which can be changed during an 328 active scan, provided it is running on a system which provides POSIX 329 support, which includes *nix and some other operating systems. On 330 systems without POSIX support, these features will be silently 331 disabled.</para> 332 333 <para>During an active scan, pressing any of the keys below will turn on 334 or off the listed feature or perform the listed action. 
Note that these 335 are case sensitive.</para> 336 337 <itemizedlist> 338 <listitem> 339 <para>SPACE - Report current scan status</para> 340 </listitem> 341 342 <listitem> 343 <para>v - Turn verbose mode on/off</para> 344 </listitem> 345 346 <listitem> 347 <para>d - Turn debug mode on/off</para> 348 </listitem> 349 350 <listitem> 351 <para>e - Turn error reporting on/off</para> 352 </listitem> 353 354 <listitem> 355 <para>p - Turn progress reporting on/off</para> 356 </listitem> 357 358 <listitem> 359 <para>r - Turn redirect display on/off</para> 360 </listitem> 361 362 <listitem> 363 <para>c - Turn cookie display on/off</para> 364 </listitem> 365 366 <listitem> 367 <para>o - Turn OK display on/off</para> 368 </listitem> 369 370 <listitem> 371 <para>a - Turn auth display on/off</para> 372 </listitem> 373 374 <listitem> 375 <para>q - Quit</para> 376 </listitem> 377 378 <listitem> 379 <para>P - Pause</para> 380 </listitem> 381 </itemizedlist> 315 382 </section> 316 383 </chapter> … … 415 482 416 483 <listitem> 417 <para>E - Display all HTTP errors. Show details for any HTTP error 484 <para>E - Display all HTTP errors. Show details for any HTTP error 418 485 encountered.</para> 419 486 </listitem> 420 487 421 488 <listitem> 422 <para>P - Print progress to STDOUT. Show status report to STDOUT 489 <para>P - Print progress to STDOUT. Show status report to STDOUT 423 490 during testing (interval set in nikto.conf).</para> 424 491 </listitem> … … 747 814 must be connectivity from the target server to cirt.net, it's 748 815 subject to cirt.net's availability, and successful requests will 749 be logged (by Apache). We recommend you use your own. </para>816 be logged (by Apache). We recommend you use your own.</para> 750 817 751 818 <para>Default Setting</para> … … 760 827 <listitem> 761 828 <para>This configuration item defines ports that would never be 762 scanned by Nikto. 
</para>829 scanned by Nikto.</para> 763 830 764 831 <para>Default Setting</para> … … 871 938 <listitem> 872 939 <para>Disables Nikto prompts if set to "no". This is currently 873 only used to prompt for proxy authentication and sending updates.</para> 940 only used to prompt for proxy authentication and sending 941 updates.</para> 874 942 875 943 <para>Default Setting</para> … … 889 957 <para>Default Setting</para> 890 958 891 <screen>CIRT= 209.172.49.178</screen>959 <screen>CIRT=174.142.17.165</screen> 892 960 </listitem> 893 961 </varlistentry> … … 1018 1086 templates. It is a violation of the Nikto licence to remove these 1019 1087 notices.</para> 1088 </section> 1089 </chapter> 1090 1091 <chapter id="developing"> 1092 <title>OSS Development</title> 1093 1094 <section> 1095 <title>Open Source Contributions</title> 1096 1097 <para>Nikto is an open source project licensed under the GNU GPL 1098 license. As such, code updates are welcomed and very much 1099 appreciated.</para> 1100 </section> 1101 1102 <section> 1103 <title>Development Source</title> 1104 1105 <para>The Nikto development source code is located in a Subversion (SVN) 1106 repository which is publicly accessible. 
To download the source code, 1107 install Subversion and issue the following command:</para> 1108 1109 <itemizedlist> 1110 <listitem> 1111 <para>svn co http://svn2.assembla.com/svn/Nikto_2</para> 1112 </listitem> 1113 </itemizedlist> 1114 1115 <para>For more information on the development enviornment, please see: 1116 http://www.assembla.com/spaces/Nikto_2/trac_subversion_tool</para> 1020 1117 </section> 1021 1118 </chapter> … … 2051 2148 2052 2149 <listitem> 2053 <para>Hash to contain all the entries in db_content_search - a list of 2054 strings and related info to alert on from any request (regardless of test result).</para> 2150 <para>Hash to contain all the entries in db_content_search - a 2151 list of strings and related info to alert on from any request 2152 (regardless of test result).</para> 2055 2153 </listitem> 2056 2154 </varlistentry> … … 2212 2310 <para>Flag to see whether connection through the proxy has been 2213 2311 checked.</para> 2214 </listitem>2215 </varlistentry>2216 2217 <varlistentry>2218 <term><varname>$http_eol</varname> (read) (deprecated)</term>2219 2220 <listitem>2221 <para>Contains the http end of line pattern.</para>2222 2312 </listitem> 2223 2313 </varlistentry> … … 2419 2509 advised to redirect output to a file when using them.</para> 2420 2510 </section> 2511 2512 <section> 2513 <title>Assistance</title> 2514 2515 <para>If you need assistance with development or running Nikto, the 2516 Nikto-discuss mailing list can be an excellent resource and is an easy 2517 way to contact the developers and other knowledgeable users. For more 2518 information on the maling list, including archives and subscription 2519 options, please see http://cirt.net/nikto-discuss.</para> 2520 </section> 2421 2521 </chapter> 2422 2522 … … 2453 2553 2454 2554 <para>Nikto is written and maintained by Chris Sullo and David Lodge. 
2455 LibWhisker was written by Rain Forrest Puppy</para> 2555 LibWhisker is written and maintained by Jeff Forristal (Rain Forrest 2556 Puppy).</para> 2456 2557 </section> 2457 2558 … … 2460 2561 2461 2562 <para>Many people have provided feedback, fixes, and suggestions. This 2462 list attempts to make note of those people, though not all contributors2463 are listed. In no particularorder:</para>2563 list is a feeble attempt to thank a few people, in no particular 2564 order:</para> 2464 2565 2465 2566 <itemizedlist> 2466 2567 <listitem> 2467 2568 <para>Nikto 2 Testing: Paul Woroshow, Mark G. Spencer, Michel Arboi, 2468 Jericho, rfp </para>2569 Jericho, rfp.</para> 2469 2570 </listitem> 2470 2571 … … 2493 2594 2494 2595 <listitem> 2495 <para>Stephen Valdez. Extensive testing. We all miss you.</para> 2596 <para>Stephen Valdez for extensive testing and being a great 2597 guy.</para> 2496 2598 </listitem> 2497 2599 2498 2600 <listitem> 2499 2601 <para>S Saady. Extensive testing.</para> 2500 </listitem>2501 2502 <listitem>2503 <para>Zeno (cgisecurity.com). Nikto mirroring.</para>2504 2602 </listitem> 2505 2603 … … 2514 2612 2515 2613 <listitem> 2516 <para>T Seyrat. Maintains Nikto for the Debian releases.</para>2517 </listitem>2518 2519 <listitem>2520 2614 <para>J DePriest. Ideas/fixes.</para> 2521 2615 </listitem> -
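Review bot: In the history paragraph of doc.xml (r501 lines 81-83) the new text spells "committment"; it should be "commitment". The rewrite also drops the statement that the code was released under the GPL, so check that the licence is still stated where a reader of the history section would look for it, or rely explicitly on the new "Open Source Contributions" section.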
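Review bot: In the Metasploit logging paragraph of doc.xml (r501 lines 122-124) the sentence "Nikto will operate with these modules, but the functionality will not be available" says "with" where the meaning requires "without"; the hunk only re-wraps the text, so the error carries over unchanged. Suggest "Nikto will operate without these modules, but Metasploit logging will not be available". The list item added for RPC::XML::Client and RPC::XML (r501 lines 147-150) also carries no ulink, unlike the OpenSSL entry directly above it.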
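Review bot: The documented default for CIRT in doc.xml (r501 line 959) changes from 209.172.49.178 to 174.142.17.165, but this changeset edits only the two files under documentation, so nothing here shows the shipped nikto.conf default changing with it. Confirm the two agree before merging. Because the surrounding text tells users that targets must be able to reach this host, a stale address in the manual leads to firewall rules and test expectations that no longer match the tool, so consider stating in the text that the value in nikto.conf is authoritative.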
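Review bot: The checkout command added under "Development Source" in doc.xml (r501 line 1111), "svn co http://svn2.assembla.com/svn/Nikto_2", uses plain http, so the source of a security scanner is fetched with no transport integrity; if the repository is reachable over https, document that URL instead. The command is set as a one-item itemizedlist rather than a <screen> block as used for the configuration defaults elsewhere in the file, the URL on line 1116 is bare text where the rest of the manual uses ulink, and "enviornment" on line 1115 should be "environment". "GNU GPL license" on lines 1097-1098 repeats "license".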
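Review bot: The varlistentry for $http_eol, marked "(read) (deprecated)", is deleted from doc.xml (old lines 2217-2222) with no replacement text. If the variable still exists in the code, keep the entry with its deprecated marker so plugin authors can find it; if it has been removed, add a line saying so and what plugins should use instead, since this changeset shows only the documentation side.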
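Review bot: In the new "Assistance" section of doc.xml (r501 line 2518) "maling list" should be "mailing list". The address http://cirt.net/nikto-discuss on line 2519 is bare text; wrap it in ulink as the other external references in the manual are.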
documentation/sections/options.xml
r492 r501 177 177 <para>For '-Format msf' the output option takes special meaning. It should contain 178 178 the password and location of the Metasploit RPC service. For example, it 179 may look like: '-o msf: <password>@http://localhost:55553/RPC2'</para>179 may look like: '-o msf:<password>@http://localhost:55553/RPC2'</para> 180 180 </listitem> 181 181 </varlistentry>
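Review bot: The example '-o msf:<password>@http://localhost:55553/RPC2' in options.xml (r501 line 179) places the Metasploit RPC password in a command-line argument, where it ends up in shell history and is visible in the process list to other local users, and the paragraph says nothing about that. The change here only removes the space after "msf:", which is correct, but while touching this line add a sentence on that exposure, and note that the example URL is plain http, so the password crosses the wire in clear text unless the RPC service stays on localhost as shown.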