Changeset 738
- Timestamp:
- 04/06/2012 04:15:21 AM (14 months ago)
- Location:
- trunk
- Files:
-
- 15 added
- 14 deleted
- 4 edited
-
databases (added)
-
databases/db_404_strings (added)
-
databases/db_content_search (added)
-
databases/db_embedded (added)
-
databases/db_favicon (added)
-
databases/db_headers (added)
-
databases/db_httpoptions (added)
-
databases/db_multiple_index (added)
-
databases/db_outdated (added)
-
databases/db_parked_strings (added)
-
databases/db_realms (added)
-
databases/db_server_msgs (added)
-
databases/db_subdomains (added)
-
databases/db_tests (added)
-
databases/db_variables (added)
-
docs/CHANGES.txt (modified) (1 diff)
-
nikto.conf (modified) (2 diffs)
-
nikto.pl (modified) (1 diff)
-
plugins/db_404_strings (deleted)
-
plugins/db_content_search (deleted)
-
plugins/db_embedded (deleted)
-
plugins/db_favicon (deleted)
-
plugins/db_headers (deleted)
-
plugins/db_httpoptions (deleted)
-
plugins/db_multiple_index (deleted)
-
plugins/db_outdated (deleted)
-
plugins/db_parked_strings (deleted)
-
plugins/db_realms (deleted)
-
plugins/db_server_msgs (deleted)
-
plugins/db_subdomains (deleted)
-
plugins/db_tests (deleted)
-
plugins/db_variables (deleted)
-
plugins/nikto_core.plugin (modified) (13 diffs)
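--- a/trunk/docs/CHANGES.txt
+++ b/trunk/docs/CHANGES.txt
@@ -8,4 +8,5 @@
 - Ticket 220: Certificate wildcard matching incorrect
 - Ticket 217: Add -IgnoreCode option to allow db_404_strings' @CODE at the command line
+- Ticket 214: Relocate databases to 'databases/' directory from 'plugins/'
 - Ticket 211: Shuffled some information in HTML report and added more summary data. Added error count and total check count to XML (note: DTD change).
 - Ticket 202: -maxtime maximum execution time per host (seconds)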
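--- a/trunk/nikto.conf
+++ b/trunk/nikto.conf
@@ -22,7 +22,4 @@
 # IDs never to alert on (Note: this only works for IDs loaded from db_tests)
 #SKIPIDS=
-
-# if Nikto is having difficulty finding the 'plugins', set the full install path here
-# EXECDIR=/usr/local/nikto
 
 # The DTD
@@ -65,8 +62,9 @@
 
 # If you want to specify the location of any of the files, specify them here
-# EXECDIR=/opt/nikto
-# PLUGINDIR=/opt/nikto/plugins
-# TEMPLATEDIR=/opt/nikto/templates
-# DOCDIR=/opt/nikto/docs
+# EXECDIR=/opt/nikto # Location of Nikto
+# PLUGINDIR=/opt/nikto/plugins # Location of plugin dir
+# DBDIR=/opt/nikto/databases # Location of plugin dir
+# TEMPLATEDIR=/opt/nikto/templates # Location of tempmlate dir
+# DOCDIR=/opt/nikto/docs # Location of docs dir
 
 # Default plugin macros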
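Review bot: The new `DBDIR` line carries the comment `# Location of plugin dir`, copied from the PLUGINDIR line above it, and the TEMPLATEDIR comment misspells "template"; they should read `# Location of database dir` and `# Location of template dir`. The five path lines now put a comment after the value on the same line, and the configuration parser is not part of this changeset view, so it is unclear whether a user who uncomments `DBDIR=/opt/nikto/databases # ...` ends up with the comment text inside the path. If the parser does not strip trailing comments, moving each description onto its own line above the setting avoids a directory value that silently points somewhere unintended.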
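--- a/trunk/nikto.pl
+++ b/trunk/nikto.pl
@@ -332,4 +332,7 @@
 $CONFIGFILE{'DOCUMENTDIR'} = "$CONFIGFILE{'EXECDIR'}/docs";
 }
+unless (defined $CONFIGFILE{'DBDIR'}) {
+$CONFIGFILE{'DBDIR'} = "$CONFIGFILE{'EXECDIR'}/databases";
+}
 return;
 }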
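Review bot: The added guard `unless (defined $CONFIGFILE{'DBDIR'})` accepts an empty value, so a bare `DBDIR=` in nikto.conf (assuming the parser stores it as an empty string, which is not visible here) would resolve the database files to `/db_tests` and the like at the filesystem root. The same key is used by the updater in nikto_core.plugin as a write destination, so a wrong directory is more than a read error. Consider `unless (defined $CONFIGFILE{'DBDIR'} && length $CONFIGFILE{'DBDIR'})`, with a one-line comment above it such as `# databases moved out of plugins/ (Ticket 214)`. The enclosing sub starts above the hunk, so the sibling defaults may need the same treatment.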
trunk/plugins/nikto_core.plugin
r736 r738 757 757 758 758 # get core version 759 open(FI, "<$CONFIGFILE{ PLUGINDIR}/nikto_core.plugin");759 open(FI, "<$CONFIGFILE{'PLUGINDIR'}/nikto_core.plugin"); 760 760 my @F = <FI>; 761 761 close(FI); … … 1188 1188 # verify required files 1189 1189 for my $file (@dbs) { 1190 if (!-r "$CONFIGFILE{ PLUGINDIR}/$file") {1191 die nprint("+ ERROR: Can't find/read required file \"$CONFIGFILE{ PLUGINDIR}/$file\"");1190 if (!-r "$CONFIGFILE{'DBDIR'}/$file") { 1191 die nprint("+ ERROR: Can't find/read required file \"$CONFIGFILE{'DBDIR'}/$file\""); 1192 1192 } 1193 1193 } 1194 1194 1195 1195 for my $file (@dbs) { 1196 my $filename = $CONFIGFILE{ PLUGINDIR} . "/" . $prefix . $file;1196 my $filename = $CONFIGFILE{DBDIR} . "/" . $prefix . $file; 1197 1197 if (!-r $filename) { next; } 1198 1198 open(IN, "<$filename") || die nprint("+ ERROR: Can't open \"$filename\":$!\n"); … … 1280 1280 1281 1281 for my $file (@dbs) { 1282 my $filename = $CONFIGFILE{ PLUGINDIR} . "/" . $prefix . $file;1282 my $filename = $CONFIGFILE{DBDIR} . "/" . $prefix . $file; 1283 1283 if (!-r $filename) { 1284 1284 nprint("+ ERROR: Unable to read \"$filename\""); … … 1532 1532 ############################################################################### 1533 1533 sub load_plugins { 1534 my @pluginlist = dirlist("$CONFIGFILE{ PLUGINDIR}", '\.plugin$');1534 my @pluginlist = dirlist("$CONFIGFILE{'PLUGINDIR'}", '\.plugin$'); 1535 1535 my @all_names; 1536 1536 … … 1547 1547 $plugin_name =~ s/\.plugin$//; 1548 1548 my $plugin_init = $plugin_name . 
"_init"; 1549 eval { require "$CONFIGFILE{ PLUGINDIR}/$plugin"; };1549 eval { require "$CONFIGFILE{'PLUGINDIR'}/$plugin"; }; 1550 1550 if ($@) { 1551 1551 nprint("- Could not load or parse plugin: $plugin_name\n Error: "); … … 1856 1856 1857 1857 # get local versions of plugins/dbs 1858 my @NIKTOFILES = dirlist($CONFIGFILE{PLUGINDIR}, ""); 1859 1860 foreach my $file (@NIKTOFILES) { 1858 my %NIKTOFILES; 1859 my @F = dirlist($CONFIGFILE{'PLUGINDIR'}, ""); 1860 foreach my $f (@F) { $NIKTOFILES{$f}=$CONFIGFILE{'PLUGINDIR'} . "/" . $f; } 1861 @F = dirlist($CONFIGFILE{'DBDIR'}, ""); 1862 foreach my $f (@F) { $NIKTOFILES{$f}=$CONFIGFILE{'DBDIR'} . "/" . $f; } 1863 1864 foreach my $file (keys %NIKTOFILES) { 1861 1865 my $v = ""; 1862 open(LOCAL, "<$ CONFIGFILE{PLUGINDIR}/$file")1863 || print STDERR "+ ERROR: Unable to open '$ CONFIGFILE{PLUGINDIR}/$file' for read: $@\n";1866 open(LOCAL, "<$NIKTOFILES{$file}") 1867 || print STDERR "+ ERROR: Unable to open '$NIKTOFILES{$file}' for read: $@\n"; 1864 1868 my @l = <LOCAL>; 1865 1869 close(LOCAL); … … 1903 1907 } 1904 1908 if ($CONTENT ne "") { 1905 open(OUT, ">$CONFIGFILE{PLUGINDIR}/$toget") 1909 my $dir=''; 1910 if ($toget =~ /^db_/) { $dir=$CONFIGFILE{'DBDIR'}; } 1911 else { $dir=$CONFIGFILE{'PLUGINDIR'}; } 1912 open(OUT, ">$dir/$toget") 1906 1913 || die print STDERR 1907 "+ ERROR: Unable to open '$ CONFIGFILE{PLUGINDIR}/$toget' for write: $@\n";1914 "+ ERROR: Unable to open '$dir/$toget' for write: $@\n"; 1908 1915 print OUT $CONTENT; 1909 1916 close(OUT); … … 2525 2532 ####################################################################### 2526 2533 sub version { 2527 my @NIKTOFILES = dirlist($CONFIGFILE{PLUGINDIR}, "(^nikto|^db_)"); 2534 my %NIKTOFILES; 2535 my @F = dirlist($CONFIGFILE{'PLUGINDIR'}, ""); 2536 foreach my $f (@F) { $NIKTOFILES{$f}=$CONFIGFILE{'PLUGINDIR'} . "/" . $f; } 2537 @F = dirlist($CONFIGFILE{'DBDIR'}, ""); 2538 foreach my $f (@F) { $NIKTOFILES{$f}=$CONFIGFILE{'DBDIR'} . "/" . 
$f; } 2539 2528 2540 nprint($VARIABLES{'DIV'}); 2529 2541 nprint("$VARIABLES{'name'} Versions"); … … 2534 2546 nprint("LibWhisker $LW2::VERSION"); 2535 2547 2536 foreach my $FILE (sort @NIKTOFILES) { 2537 open(FI, "<$CONFIGFILE{PLUGINDIR}/$FILE") 2538 || die print STDERR "+ ERROR: Unable to open '$CONFIGFILE{PLUGINDIR}/$FILE': $!\n"; 2548 foreach my $FILE (sort keys %NIKTOFILES) { 2549 next if $FILE eq 'LW2.pm'; 2550 open(FI, "<$NIKTOFILES{$FILE}") 2551 || die print STDERR "+ ERROR: Unable to open '$NIKTOFILES{$FILE}': $!\n"; 2539 2552 my @F = <FI>; 2540 2553 close(FI); … … 2560 2573 nprint("Module RPC::XML::Client missing. Logging to Metasploit is disabled."); 2561 2574 } 2575 LW2::init_ssl_engine(); 2562 2576 my ($avail, $lib, $ver) = LW2::ssl_is_available(); 2563 2577 if ($avail) { 2564 nprint("SSL : $lib$ver");2578 nprint("SSL Module: $lib version $ver"); 2565 2579 } 2566 2580 else { … … 2597 2611 2598 2612 # make sure the db_outdatedb isn't *too* old 2599 open(OD, "<$CONFIGFILE{ PLUGINDIR}/db_outdated")2600 || die print STDERR "+ ERROR: Unable to open '$CONFIGFILE{ PLUGINDIR}/db_outdated': $!\n";2613 open(OD, "<$CONFIGFILE{'DBDIR'}/db_outdated") 2614 || die print STDERR "+ ERROR: Unable to open '$CONFIGFILE{'DBDIR'}/db_outdated': $!\n"; 2601 2615 @F = <OD>; 2602 2616 close(OD); … … 2800 2814 sub init_db { 2801 2815 my $dbname = $_[0]; 2802 my $filename = "$CONFIGFILE{ PLUGINDIR}/" . $dbname;2816 my $filename = "$CONFIGFILE{'DBDIR'}/" . $dbname; 2803 2817 my (@dbarray, @headers); 2804 2818 my $hashref = {}; … … 2833 2847 2834 2848 # And the udb_* file 2835 $filename = "$CONFIGFILE{ PLUGINDIR}/u" . $dbname;2849 $filename = "$CONFIGFILE{'DBDIR'}/u" . $dbname; 2836 2850 if (open(IN, "<$filename")) { 2837 2851 while (<IN>) {
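Review bot: In the update hunk (new lines 1909–1914) the file name in `$toget` is joined to `$dir` and passed to a two-argument `open(OUT, ">$dir/$toget")` with no check on its shape; where `$toget` is assigned lies outside the hunk, but if it comes from the update server's file list, a name containing `/` or `..` would be written outside `DBDIR`/`PLUGINDIR`, and anything landing in `PLUGINDIR` with a `.plugin` suffix is later `require`d by `load_plugins`. Rejecting anything that is not a plain file name before choosing the directory closes that, e.g. `die "+ ERROR: Unexpected update file name\n" unless $toget =~ /\A\w[\w.-]*\z/;` followed by `open(OUT, '>', "$dir/$toget")`. The rewritten error messages in this hunk and in the read loop above it (new line 1867) still interpolate `$@`, which holds the last eval error; the reason an `open` failed is in `$!`. The enclosing subs begin and end outside the visible hunks.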