Changeset 76
- Timestamp:
- 09/20/2008 04:21:51 PM (5 years ago)
- Location:
- trunk
- Files:
-
- 5 edited
-
config.txt (modified) (1 diff)
-
docs/CHANGES.txt (modified) (1 diff)
-
nikto.pl (modified) (6 diffs)
-
plugins/nikto_cgi.plugin (modified) (1 diff)
-
plugins/nikto_core.plugin (modified) (21 diffs)
-
trunk/config.txt
r46 r76 59 59 # server do not implement the HEAD method 60 60 CHECKMETHODS=HEAD GET 61 62 CLIOPTS=-Format html -output report.html -
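Review bot: The added `CLIOPTS=-Format html -output report.html` at new line 62 looks unrelated to the warning cleanup this changeset describes, and it changes default behaviour. nikto.pl appends CLIOPTS to ARGV whenever it is defined, so with this line active every run would presumably write (and overwrite) report.html in the working directory. If this was a local test setting, ship it commented out, e.g. `#CLIOPTS=-Format html -output report.html`; if it is intended, it should be recorded in docs/CHANGES.txt.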
trunk/docs/CHANGES.txt
r75 r76 1 2008-09-20 plugins/nikto_core.plugin plugins/nikto_cgi.plugin nikto.pl 2 - Fixes to ensure nikto produces less perl warnings 1 3 2008-09-16 plugins/nikto_core.plugin plugins/nikto_httpoptions.plugin 2 4 - Fix for ticket #37 -
trunk/nikto.pl
r75 r76 84 84 $request{'whisker'}->{'lowercase_incoming_headers'} = 1; 85 85 $request{'whisker'}->{'timeout'} = $CLI{timeout} || 10; 86 if ( $CLI{evasion} ne "") { $request{'whisker'}->{'encode_anti_ids'} = $CLI{evasion}; }86 if (defined $CLI{evasion}) { $request{'whisker'}->{'encode_anti_ids'} = $CLI{evasion}; } 87 87 $request{'User-Agent'} = $NIKTO{useragent}; 88 88 $request{'whisker'}->{'retry'} = 0; … … 126 126 else { 127 127 $request{'whisker'}->{'host'} = $TARGETS{$CURRENT_HOST_ID}{hostname} || $TARGETS{$CURRENT_HOST_ID}{ip}; 128 if ( $TARGETS{$CURRENT_HOST_ID}{vhost} ne '') { $request{'Host'} = $TARGETS{$CURRENT_HOST_ID}{vhost}; }128 if (defined $TARGETS{$CURRENT_HOST_ID}{vhost}) { $request{'Host'} = $TARGETS{$CURRENT_HOST_ID}{vhost}; } 129 129 foreach $CURRENT_PORT (keys %{$TARGETS{$CURRENT_HOST_ID}{ports}}) 130 130 { … … 133 133 $request{'whisker'}->{'ssl'} = $TARGETS{$CURRENT_HOST_ID}{ports}{$CURRENT_PORT}{ssl}; 134 134 $request{'whisker'}->{'version'} = $NIKTOCONFIG{DEFAULTHTTPVER}; 135 if ( $NIKTOCONFIG{'STATIC-COOKIE'} ne "") { $request{'Cookie'} = $NIKTOCONFIG{'STATIC-COOKIE'}; }135 if (defined $NIKTOCONFIG{'STATIC-COOKIE'}) { $request{'Cookie'} = $NIKTOCONFIG{'STATIC-COOKIE'}; } 136 136 $TARGETS{$CURRENT_HOST_ID}{total_vulns} = 0; 137 137 delete $TARGETS{$CURRENT_HOST_ID}{positives}; … … 192 192 193 193 # add CONFIG{CLIOPTS} to ARGV if defined... 194 if ( $NIKTOCONFIG{CLIOPTS} ne "")194 if (defined $NIKTOCONFIG{CLIOPTS}) 195 195 { 196 196 my @t = split(/ /, $NIKTOCONFIG{CLIOPTS}); … … 206 206 # get the correct path to 'plugins' 207 207 # if defined in config.txt file... most accurate, we hope 208 if (( $NIKTOCONFIG{EXECDIR} ne "") && (-d "$NIKTOCONFIG{EXECDIR}/plugins"))208 if ((defined $NIKTOCONFIG{EXECDIR}) && (-d "$NIKTOCONFIG{EXECDIR}/plugins")) 209 209 { 210 210 $NIKTO{execdir} = $NIKTOCONFIG{EXECDIR}; … … 213 213 } 214 214 215 if ($NIKTO{execdir} eq "")215 unless (defined $NIKTO{execdir}) 216 216 { # try pwd 217 217 if (-d "$ENV{PWD}/plugins") -
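Review bot: Replacing `ne ""` with `defined` silences the warning but is not equivalent when the value is present and empty, which a config line such as `EXECDIR=` or `STATIC-COOKIE=` could produce, depending on how config.txt is parsed. At new line 208 an empty EXECDIR would now test `-d "/plugins"`, at 135 an empty Cookie header would be sent, and at 215 `unless (defined $NIKTO{execdir})` skips the pwd fallback if execdir was initialised to "" earlier (that initialisation is outside the visible hunks). Keeping both conditions preserves the old behaviour without the warning, e.g. `if (defined $NIKTOCONFIG{EXECDIR} && $NIKTOCONFIG{EXECDIR} ne "" && -d "$NIKTOCONFIG{EXECDIR}/plugins")`, and likewise for the other five checks in this file.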
trunk/plugins/nikto_cgi.plugin
r54 r76 53 53 ($res, $CONTENT)=fetch($possiblecgidir,"GET"); 54 54 nprint("Checked for CGI dir\t$possiblecgidir\tgot:$res","d"); 55 if (content_present($res) eq true)55 if (content_present($res) eq TRUE) 56 56 { 57 57 $gotvalid++; -
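Review bot: `content_present($res) eq TRUE` at new line 55 still compares against a bareword; unless a `TRUE` constant is declared somewhere outside this changeset, Perl treats it as the string "TRUE" and the test only works because `content_present` in plugins/nikto_core.plugin returns the same bareword. Upper-casing avoids the reserved-word warning but would fail to compile under `use strict`. It would be more robust to have `content_present` return 1 or 0 and test it directly, `if (content_present($res))`, with the matching change to `my $result=0;` and `$result=1;` in nikto_core.plugin.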
trunk/plugins/nikto_core.plugin
r75 r76 215 215 chomp($line); 216 216 # don't print debug & verbose to output file... 217 if ($_[1] eq "d") 218 { 219 if ($OUTPUT{debug}) { print "D:" . localtime() . " $line\n"; } 220 return; 221 } 222 elsif ($_[1] eq "v") 223 { 224 if ($OUTPUT{verbose}) { print "V:" . localtime() . " $line\n"; } 225 return; 226 } 227 217 if (defined $_[1]) 218 { 219 if ($_[1] eq "d") 220 { 221 if ($OUTPUT{debug}) { print "D:" . localtime() . " $line\n"; } 222 return; 223 } 224 elsif ($_[1] eq "v") 225 { 226 if ($OUTPUT{verbose}) { print "V:" . localtime() . " $line\n"; } 227 return; 228 } 229 } 228 230 # print errors to STDERR 229 231 if ($line =~ /ERROR\:/) { print STDERR "$line\n"; } … … 324 326 LW2::http_do_request_timeout(\%request,\%result); 325 327 dump_var("Result Hash", \%result); 326 if ( $result{location} ne "")328 if (defined $result{location}) 327 329 { 328 330 nprint("- Root page / redirects to: $result{location}"); … … 393 395 $ext=$REQS{$file}; 394 396 $FoF{$ext}{response} = $result{'whisker'}->{'code'}; 395 if ( $result{location} ne "")397 if (defined $result{location}) 396 398 { 397 399 $FoF{$ext}{location} = $result{location}; … … 492 494 493 495 # URI, if provided, plus encoded versions of it 494 if ( $_[1] ne '')496 if (defined $_[1]) 495 497 { 496 498 my $e = $_[1]; … … 560 562 nprint("+ Target Hostname: $TARGETS{$CURRENT_HOST_ID}{hostname}"); 561 563 nprint("+ Target Port: $CURRENT_PORT"); 562 if (( $CLI{vhost} ne $TARGETS{$CURRENT_HOST_ID}{hostname}) && ($CLI{vhost} ne ""))564 if ((defined $CLI{vhost}) && ($CLI{vhost} ne $TARGETS{$CURRENT_HOST_ID}{hostname})) 563 565 { nprint("+ Virtual Host: $CLI{vhost}"); } 564 if ( $request{'whisker'}->{'proxy_host'} ne "")566 if (defined $request{'whisker'}->{'proxy_host'}) 565 567 { nprint("- Proxy: $request{'whisker'}->{'proxy_host'}:$request{'whisker'}->{'proxy_port'}"); } 566 if ( $NIKTO{hostid} ne "") { nprint("- Host Auth: ID: $NIKTO{hostid}, PW: $NIKTO{hostpw}, Realm: $NIKTO{hostdomain}","v"); }568 if (defined 
$NIKTO{hostid}) { nprint("- Host Auth: ID: $NIKTO{hostid}, PW: $NIKTO{hostpw}, Realm: $NIKTO{hostdomain}","v"); } 567 569 if ($TARGETS{$CURRENT_HOST_ID}{ports}{$CURRENT_PORT}{ssl}) { nprint($SSLPRINT); } 568 for (my $i=1;$i<=(keys %{$NIKTO{anti_ids}});$i++) { if ($CLI{evasion} =~ /$i/) { nprint("+ Using IDS Evasion: $NIKTO{anti_ids}{$i}"); }} 569 for (my $i=1;$i<=(keys %{$NIKTO{mutate_opts}});$i++) { if ($CLI{mutate} =~ /$i/) { nprint("+ Using Mutation: $NIKTO{mutate_opts}{$i}"); }} 570 if (defined $NIKTO{anti_ids} && defined $CLI{evasion}) 571 { 572 for (my $i=1;$i<=(keys %{$NIKTO{anti_ids}});$i++) { if ($CLI{evasion} =~ /$i/) { nprint("+ Using IDS Evasion: $NIKTO{anti_ids}{$i}"); }} 573 } 574 if (defined $NIKTO{mutate_opts} && defined $CLI{mutate}) 575 { 576 for (my $i=1;$i<=(keys %{$NIKTO{mutate_opts}});$i++) { if ($CLI{mutate} =~ /$i/) { nprint("+ Using Mutation: $NIKTO{mutate_opts}{$i}"); }} 577 } 570 578 nprint("+ Start Time: $TARGETS{$CURRENT_HOST_ID}{ports}{$CURRENT_PORT}{start_time_disp}"); 571 579 nprint($DIV); … … 759 767 760 768 # screen output 761 if ($CLI{display} =~ /d/i) { $OUTPUT{debug}=1; } 762 if ($CLI{display} =~ /v/i) { $OUTPUT{verbose}=1; } 769 if (defined $CLI{display}) 770 { 771 if ($CLI{display} =~ /d/i) { $OUTPUT{debug}=1; } 772 if ($CLI{display} =~ /v/i) { $OUTPUT{verbose}=1; } 773 } 763 774 764 775 # port(s) 765 $CLI{ports}=~s/^\s+//; 766 $CLI{ports}=~s/\s+$//; 767 #if ($CLI{ports} eq "") { $CLI{ports}=80; } 768 if ($CLI{ports} =~ /[^0-9\-\, ]/) { nprint("+ ERROR: Invalid port option '$CLI{ports}'"); exit; } 776 if (defined $CLI{ports}) 777 { 778 $CLI{ports}=~s/^\s+//; 779 $CLI{ports}=~s/\s+$//; 780 #if ($CLI{ports} eq "") { $CLI{ports}=80; } 781 if ($CLI{ports} =~ /[^0-9\-\, ]/) { nprint("+ ERROR: Invalid port option '$CLI{ports}'"); exit; } 782 } 769 783 770 784 # Fixup 771 $CLI{root} =~ s/\/$//; 772 if (($CLI{root} !~ /^\//) && ($CLI{root} ne "")) { $CLI{root} = "/$CLI{root}"; } 773 774 if ($CLI{hostauth} ne "") 785 if (defined 
$CLI{root}) 786 { 787 $CLI{root} =~ s/\/$//; 788 if (($CLI{root} !~ /^\//) && ($CLI{root} ne "")) { $CLI{root} = "/$CLI{root}"; } 789 } 790 791 if (defined $CLI{hostauth}) 775 792 { 776 793 my @x=split(/:/,$CLI{hostauth}); … … 781 798 $NIKTO{hostdomain} = $x[2]; 782 799 } 783 $CLI{evasion}=~s/[^0-9]//g; 784 785 $NIKTO{useragent}="Mozilla/4.75 ($NIKTO{name}/$NIKTO{version} $request{'User-Agent'})"; 800 801 if (defined $CLI{evasion}) 802 { 803 $CLI{evasion}=~s/[^0-9]//g; 804 } 805 806 $NIKTO{useragent}="Mozilla/4.75 ($NIKTO{name}/$NIKTO{version})"; 786 807 787 808 # SSL Test … … 789 810 790 811 # Notices 791 my $notice ;792 if ( $CLI{root} ne '')812 my $notice=""; 813 if (defined $CLI{root}) 793 814 { $notice .= "Prepending '$CLI{root}' to requests"; } 794 815 if ($CLI{pause} > 0) … … 917 938 { 918 939 # First get the host name 919 my $host, $ip;940 my ($host, $ip); 920 941 my @line=split(/ /); 921 942 my @name=split(/\(|\)/, $line[2]); … … 1004 1025 } 1005 1026 1006 if ($CLI{vhost} ne '') { $TARGETS{$host_ctr}{vhost}=$CLI{vhost}; } 1007 nprint("- Target id:$host_ctr:ident:$TARGETS{$host_ctr}{ident}:ports_in:$TARGETS{$host_ctr}{ports_in}:vhost:$$TARGETS{$host_ctr}{vhost}=$CLI{vhost}:","d"); 1008 1027 if (defined $CLI{vhost}) 1028 { 1029 $TARGETS{$host_ctr}{vhost}=$CLI{vhost}; 1030 nprint("- Target id:$host_ctr:ident:$TARGETS{$host_ctr}{ident}:ports_in:$TARGETS{$host_ctr}{ports_in}:vhost:$$TARGETS{$host_ctr}{vhost}=$CLI{vhost}:","d"); 1031 } 1009 1032 nprint( 1010 1033 "- Target id:$host_ctr:ident:$TARGETS{$host_ctr}{ident}:ports_in:$TARGETS{$host_ctr}{ports_in}:","d" … … 1103 1126 my @dbs=qw/db_404_strings db_outdated db_realms db_tests db_variables/; 1104 1127 my $prefix = $_[0]; 1128 1129 unless (defined $prefix) 1130 { 1131 $prefix=""; 1132 } 1105 1133 1106 1134 # verify required files … … 1778 1806 $request{'whisker'}->{'uri'}="/"; 1779 1807 1780 if ( $request{'whisker'}->{'proxy_host'} ne "") # proxy is set up1808 if (defined $request{'whisker'}->{'proxy_host'}) 
# proxy is set up 1781 1809 { 1782 1810 LW2::http_close(\%request); # force-close any old connections … … 1830 1858 my @FILES_TMP = (); 1831 1859 1832 opendir( directory,$DIR) || die print STDERR "+ ERROR: Can't open directory '$DIR': $@";1833 foreach my $file (readdir( directory))1860 opendir(DIRECTORY,$DIR) || die print STDERR "+ ERROR: Can't open directory '$DIR': $@"; 1861 foreach my $file (readdir(DIRECTORY)) 1834 1862 { 1835 1863 if ($file =~ /^\./) { next; } # skip hidden files, '.' and '..' … … 1837 1865 else { push (@FILES_TMP,$file); } 1838 1866 } 1839 closedir( directory);1867 closedir(DIRECTORY); 1840 1868 1841 1869 return @FILES_TMP; … … 1855 1883 sub content_present 1856 1884 { 1857 my $result= false;1885 my $result=FALSE; 1858 1886 my $res=$_[0]; 1859 1887 … … 1862 1890 if ($res eq $found) 1863 1891 { 1864 $result= true;1892 $result=TRUE; 1865 1893 } 1866 1894 } … … 1872 1900 if ($CLI{pause} > 0) { sleep $CLI{pause}; } 1873 1901 LW2::http_close(\%request); # force-close any old connections 1874 $request{'whisker'}->{'uri'} = $CLI{root} . $_[0]; # prepend -root option value 1902 if (defined $CLI{root}) 1903 { 1904 $request{'whisker'}->{'uri'} = $CLI{root} . 
$_[0]; # prepend -root option value 1905 } 1875 1906 $request{'whisker'}->{'method'} = $_[1]; 1876 1907 $request{'whisker'}->{'http_eol'}=$http_eol; … … 1880 1911 my $header_hash=$_[3]; 1881 1912 1882 if ( $_[2] ne "")1913 if (defined $_[2]) 1883 1914 { 1884 1915 my $r=$_[2]; … … 1927 1958 %TESTS = (); 1928 1959 $TARGETS{$CURRENT_HOST_ID}{total_checks}=0; 1929 my @SKIPLIST = split(/ /,$NIKTOCONFIG{SKIPIDS}); 1960 my @SKIPLIST=(); 1961 if (defined $NIKTOCONFIG{SKIPIDS}) 1962 { 1963 @SKIPLIST = split(/ /,$NIKTOCONFIG{SKIPIDS}); 1964 } 1930 1965 1931 1966 # now load checks … … 1942 1977 1943 1978 # check tuning options 1944 if (( $CLI{tuning} ne "") && ($item[2] ne ""))1979 if ((defined $CLI{tuning}) && (defined $item[2])) 1945 1980 { 1946 1981 if ($CLI{tuning} =~ /x/) … … 2258 2293 for (my $i=0; $i<=$#contents; $i++) 2259 2294 { 2260 $hashref->{ @headers[$i]} = @contents[$i];2295 $hashref->{$headers[$i]} = $contents[$i]; 2261 2296 } 2262 2297 push(@dbarray, $hashref);
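Review bot: In `fetch` (new lines 1902-1905) the request URI is now assigned only when `$CLI{root}` is defined, so a run without `-root` never updates `$request{'whisker'}->{'uri'}` and each call would reuse whatever URI the previous request left there. For a scanner that means checks hit the wrong path and can report false negatives without any error. The assignment should stay unconditional and only the concatenation be guarded, e.g. `$request{'whisker'}->{'uri'} = (defined $CLI{root} ? $CLI{root} : "") . $_[0];`. This assumes `$CLI{root}` is not given a default elsewhere; the fixup block at new lines 785-789 does not set one, and the start of `fetch` is outside the hunk.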