[Openvas-discuss] Using nikto NASL

Juan José Pavlik Salles jjpavlik at gmail.com
Tue Dec 13 04:03:04 CET 2011


Well after some tests i undid all the changes i had made in my bash/sudo
enviroment, but nikto has disappeared from my openvas reports. Now i don't
even get the "nikto not found" message. I've tried removing all the content
in /var/cache/openvas, i've deleted /var/lib/openvas/plugins/nikto.nasl and
nikto.nasl.asc and run openvas-nvt-sync to download the newer versions but
still doesn't work. I must have rebooted the server at least 20 times today.

At this point i think there must be something wrong with my openvas
installation, i've installed arachni and dirb, but openvas CAN'T find them
in its PATH, they are in my $PATH variable.

What should i do? i'd really hate reinstalling openvas for this issues...
Did someone get nikto to work in this openvas version (4)??  What about
other nasl plugins, like arachni and dirb, or wapiti?

El 11 de diciembre de 2011 19:10, Juan José Pavlik Salles <
jjpavlik at gmail.com> escribió:

> I just remove everything in the cache but still have this problem:
>
> root at openvas:~# openvas-nasl -D /var/lib/openvas/plugins/nikto.nasl
>
> /var/lib/openvas/plugins/nikto.nasl: bad or missing signature. Will not
> execute this script
>
> root at openvas:~# md5sum /var/lib/openvas/plugins/nikto.nasl
> 530eaa46fc022336703d6ddd3ef35019  /var/lib/openvas/plugins/nikto.nasl
>
> root at openvas:~# md5sum /var/lib/openvas/plugins/nikto.nasl.asc
> ee7347d9074988a4a4f21a8aa43fd531  /var/lib/openvas/plugins/nikto.nasl.asc
>
> root at openvas:~# ls -lah /var/lib/openvas/plugins/nikto.nasl*
> -rw-r--r-- 1 root root 4,6K 2011-11-22 10:09
> /var/lib/openvas/plugins/nikto.nasl
> -rw-r--r-- 1 root root  198 2011-11-22 10:09
> /var/lib/openvas/plugins/nikto.nasl.asc
>
> The strange thing is that the plugin works, i mean i can run it:
>
> root at openvas:~# openvas-nasl -t 192.168.0.1 -X
> /var/lib/openvas/plugins/nikto.nasl
> Here is the Nikto report:
> - Nikto v2.1.4
> ---------------------------------------------------------------------------
> + Target IP:          192.168.0.1
> + Target Hostname:    argos
> + Target Port:        80
> + Start Time:         2011-12-12 19:00:05
>
> ---------------------------------------------------------------------------
> + Server: Apache/2.2.15 (Linux/SUSE)
> + / - Requires Authentication for realm 'mrtg'
> + No CGI Directories found (use '-C all' to force check all possible dirs)
>
> [5890] plug_set_key:internal_send(0)['1 SentData/(null)/NOTE=Here is the
> Nikto report:\n- Nikto
> v2.1.4\n---------------------------------------------------------------------------\n+
> Target IP:          192.168.0.1\n+ Target Hostname:    argos\n+ Target
> Port:        80\n+ Start Time:         2011-12-12
> 19:00:05\n---------------------------------------------------------------------------\n+
> Server: Apache/2.2.15 (Linux/SUSE)\n+ / - Requires Authentication for realm
> 'mrtg'\n+ No CGI Directories found (use '-C all' to force check all
> possible dirs)\n;
> ']: Socket operation on non-socket
> [5890] plug_set_key:internal_send(0)['3 Success/(null)=1;
> ']: Socket operation on non-socket
>
>
> El 11 de diciembre de 2011 18:54, Brandon Perry <bperry.volatile at gmail.com
> > escribió:
>
> Not sure of the proper way, but I clear the openvas cache by
>>
>> rm -rf /var/cache/openvas/*
>>
>> then restart openvassd
>>
>> 2011/12/11 Juan José Pavlik Salles <jjpavlik at gmail.com>:
>> > Something happend with nikto.nasl's signature:
>> >
>> > root at openvas:~# openvas-nasl -p nikto.nasl
>> >
>> > nikto.nasl: Not able to open nor to locate it in include paths
>> > root at openvas:~# openvas-nasl -p /var/lib/openvas/plugins/nikto.nasl
>> > /var/lib/openvas/plugins/nikto.nasl: bad or missing signature. Will not
>> > execute this script
>> >
>> > I removed nikto.nasl and nikto.nasl.asc, rsynced the nvts but the
>> problem
>> > persists. That's why nikto is not in my reports now. Did someone change
>> the
>> > script??? Maybe disabling the signed nasl i could make i work???
>> >
>> > El 11 de diciembre de 2011 18:09, Brandon Perry <
>> bperry.volatile at gmail.com>
>> > escribió:
>> >
>> >> Run the nasl with openvas-nasl now from your home dir, relatively. See
>> >> what it spits out. Possibly making it more verbose if need be.
>> >>
>> >> 2011/12/11 Juan José Pavlik Salles <jjpavlik at gmail.com>:
>> >> > Hi Christian! This is my .bashrc right now:
>> >> >
>> >> > root at openvas:~# head .bashrc
>> >> > # ~/.bashrc: executed by bash(1) for non-login shells.
>> >> > # see /usr/share/doc/bash/examples/startup-files (in the package
>> >> > bash-doc)
>> >> > # for examples
>> >> > export
>> >> >
>> >> >
>> PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/opt/nikto:/opt/arachni-v0.3-cde
>> >> >
>> >> > alias sudo="sudo env PATH=$PATH"
>> >> >
>> >> > # If not running interactively, don't do anything
>> >> > [ -z "$PS1" ] && return
>> >> >
>> >> > # don't put duplicate lines in the history. See bash(1) for more
>> options
>> >> > root at openvas:~#
>> >> >
>> >> > But it still doesn't work, actually there's a little difference, i
>> don't
>> >> > get
>> >> > the "nikto not found" message in my reports now... don't think
>> that's a
>> >> > coincidence! I really thought this would be a lot easier haha trust
>> me!
>> >> >
>> >> > El 11 de diciembre de 2011 11:11, Christian Kuersteiner
>> >> > <ckuerste at gmx.ch>
>> >> > escribió:
>> >> >
>> >> >> On 12/09/2011 08:53 PM, Juan José Pavlik Salles wrote:
>> >> >>>
>> >> >>> I tried the alias solution:
>> >> >>>
>> >> >>> root at openvas:~/tools/pruebas# tail -3 /root/.bashrc
>> >> >>> #fi
>> >> >>> export
>> >> >>>
>> >> >>>
>> >> >>>
>> PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/opt/nikto
>> >> >>> alias sudo='sudo env PATH=$PATH'
>> >> >>> root at openvas:~/tools/pruebas#
>> >> >>
>> >> >>
>> >> >> Just for the record: I have this in my .bashrc:
>> >> >>
>> >> >> alias sudo="sudo env PATH=$PATH:/home/user/tools/nikto"
>> >> >>
>> >> >> which works like a charm for me. Note the double quotes: IIRC $PATH
>> >> >> will
>> >> >> be not evaluated in a single quote statement.
>> >> >>
>> >> >> Best regards,
>> >> >>
>> >> >> Christian
>> >> >
>> >> >
>> >> >
>> >> >
>> >> > --
>> >> > Pavlik Juan José
>> >> >
>> >> > _______________________________________________
>> >> > Openvas-discuss mailing list
>> >> > Openvas-discuss at wald.intevation.org
>> >> > http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
>> >> >
>> >>
>> >>
>> >>
>> >> --
>> >> http://volatile-minds.blogspot.com -- blog
>> >> http://www.volatileminds.net -- website
>> >
>> >
>> >
>> >
>> > --
>> > Pavlik Juan José
>>
>>
>>
>> --
>> http://volatile-minds.blogspot.com -- blog
>> http://www.volatileminds.net -- website
>>
>
>
>
> --
> Pavlik Juan José
>



-- 
Pavlik Juan José
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20111213/4991f5b7/attachment.html>


More information about the Openvas-discuss mailing list