[Openvas-discuss] Using nikto NASL

Juan José Pavlik Salles jjpavlik at gmail.com
Sat Dec 10 18:06:57 CET 2011


If i run it out of /var/lib/openvas/pluings:

root at openvas:~/tools/pruebas# openvas-nasl -t 200.16.16.50 nikto.nasl -X
nikto.nasl: Not able to open nor to locate it in include paths

I'm really confused, now i don't even get the "nikto not found" message in
my reports anymore.

El 10 de diciembre de 2011 14:02, Brandon Perry
<bperry.volatile at gmail.com>escribió:

> Ah, ha. Try this then. CD out of the plugins dir, to say, ~. Then run
> the nikto nasl absolutely, rather than relatively.
>
> If this works, then there are some oddities in the environment of openvas.
>
> ~# openvas-nasl -t 200.16.16.50 /var/lib/openvas/plugin/nikto.nasl -X
>
> 2011/12/10 Juan José Pavlik Salles <jjpavlik at gmail.com>:
> > I've news! if i cd to /var/lib/openvas/plugins i can run nikto.nasl like
> > this;
> >
> > root at openvas:/var/lib/openvas/plugins# openvas-nasl -t 200.16.16.50
> > nikto.nasl -X
> > - Nikto v2.1.4
> >
> ---------------------------------------------------------------------------
> > + Target IP:          192.168.1.5
> > + Target Hostname:    virtual-test
> > + Target Port:        80
> > + Start Time:         2011-12-11 13:37:04
> >
> ---------------------------------------------------------------------------
> > + Server: Apache/2.2.15 (Linux/SUSE)
> > + / - Requires Authentication for realm 'mrtg'
> > + No CGI Directories found (use '-C all' to force check all possible
> dirs)
> > + Apache/2.2.15 appears to be outdated (current is at least
> Apache/2.2.19).
> > Apache 1.3.42 (final release) and 2.0.64 are also current.
> > + OSVDB-877: HTTP TRACE method is active, suggesting the host is
> vulnerable
> > to XST
> > + OSVDB-3268: /icons/: Directory indexing found.
> > + OSVDB-3233: /icons/README: Apache default file found.
> > + 6456 items checked: 33 error(s) and 4 item(s) reported on remote host
> > + End Time:           2011-12-11 13:49:14 (730 seconds)
> >
> ---------------------------------------------------------------------------
> > + 1 host(s) tested
> >
> > [22289] plug_set_key:internal_send(0)['1 SentData/(null)/NOTE=Here is the
> > Nikto report:\n- Nikto
> >
> v2.1.4\n---------------------------------------------------------------------------\n+
> > Target IP:          192.168.1.5\n+ Target Hostname:    virtual-test\n+
> > Target Port:        80\n+ Start Time:         2011-12-11
> >
> 13:37:04\n---------------------------------------------------------------------------\n+
> > Server: Apache/2.2.15 (Linux/SUSE)\n+ / - Requires Authentication for
> realm
> > 'mrtg'\n+ No CGI Directories found (use '-C all' to force check all
> possible
> > dirs)\n+ Apache/2.2.15 appears to be outdated (current is at least
> > Apache/2.2.19). Apache 1.3.42 (final release) and 2.0.64 are also
> > current.\n+ OSVDB-877: HTTP TRACE method is active, suggesting the host
> is
> > vulnerable to XST\n+ OSVDB-3268: /icons/: Directory indexing found.\n+
> > OSVDB-3233: /icons/README: Apache default file found.\n+ 6456 items
> checked:
> > 33 error(s) and 4 item(s) reported on remote host\n+ End Time:
> > 2011-12-11 13:49:14 (730
> >
> seconds)\n---------------------------------------------------------------------------\n+
> > 1 host(s) tested\n;
> > ']: Socket operation on non-socket
> > [22289] plug_set_key:internal_send(0)['3 Success/(null)=1;
> > ']: Socket operation on non-socket
> >
> > BUT... i don't get it to work on my scan configs! Really no F clue about
> > this...
> >
> > El 9 de diciembre de 2011 19:15, Juan José Pavlik Salles
> > <jjpavlik at gmail.com> escribió:
> >
> >> Here is more info:
> >>
> >> root at openvas:/var/lib/openvas/plugins# ls -l /usr/local/bin/nikto*
> >> lrwxrwxrwx 1 root root 16 2011-12-09 02:33 /usr/local/bin/nikto ->
> >> /opt/nikto/nikto
> >> lrwxrwxrwx 1 root root 19 2011-12-09 02:04 /usr/local/bin/nikto.pl ->
> >> /opt/nikto/nikto.pl
> >> root at openvas:/var/lib/openvas/plugins# ls /opt/nikto/nikto*
> >> /opt/nikto/nikto  /opt/nikto/nikto.conf  /opt/nikto/nikto.pl
> >>
> >> nikto is a copy of nikto.pl.
> >>
> >> El 9 de diciembre de 2011 19:05, Brandon Perry <
> bperry.volatile at gmail.com>
> >> escribió:
> >>
> >>> Also, 'which nikto.pl'
> >>>
> >>> 2011/12/9 Brandon Perry <bperry.volatile at gmail.com>:
> >>> > What does 'which nikto' return
> >>> >
> >>> > 2011/12/9 Juan José Pavlik Salles <jjpavlik at gmail.com>:
> >>> >> Here i come again, still can't make nikto work on my reports. Now i
> >>> >> tried
> >>> >> using nikto.nasl with openvas-nasl command, like this:
> >>> >>
> >>> >> root at openvas:/var/lib/openvas/plugins# openvas-nasl -t my_host
> nikto
> >>> >> -X
> >>> >> nikto: Not able to open nor to locate it in include paths
> >>> >>
> >>> >> There's definitly something wrong here... This is where nikto is:
> >>> >>
> >>> >> root at openvas:/var/lib/openvas/plugins# whereis nikto
> >>> >> nikto: /etc/nikto.conf /usr/local/bin/nikto.pl /usr/local/bin/nikto
> >>> >>
> >>> >> Actually, /usr/local/bin/nikto and nikto.pl are symbolic links to
> >>> >> /opt/nikto/nikto.pl. What else could i try???
> >>> >>
> >>> >> El 9 de diciembre de 2011 11:05, Juan José Pavlik Salles
> >>> >> <jjpavlik at gmail.com> escribió:
> >>> >>
> >>> >>> I found this in my openvassd.dump log file:
> >>> >>>
> >>> >>> [15465](/var/lib/openvas/plugins/nikto.nasl) pread: 'nikto.pl' not
> >>> >>> found
> >>> >>> in $PATH
> >>> >>> [15466](/var/lib/openvas/plugins/nikto.nasl) pread: 'nikto.pl' not
> >>> >>> found
> >>> >>> in $PATH
> >>> >>>
> >>> >>> No surprise though.
> >>> >>>
> >>> >>> El 9 de diciembre de 2011 10:53, Juan José Pavlik Salles
> >>> >>> <jjpavlik at gmail.com> escribió:
> >>> >>>
> >>> >>>> I tried the alias solution:
> >>> >>>>
> >>> >>>> root at openvas:~/tools/pruebas# tail -3 /root/.bashrc
> >>> >>>> #fi
> >>> >>>> export
> >>> >>>>
> >>> >>>>
> PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/opt/nikto
> >>> >>>> alias sudo='sudo env PATH=$PATH'
> >>> >>>> root at openvas:~/tools/pruebas#
> >>> >>>>
> >>> >>>> without any luck... i also comment:
> >>> >>>>
> >>> >>>> #Defaults    env_reset
> >>> >>>>
> >>> >>>> In /etc/sudoers, because this line set reset enviroment variables
> as
> >>> >>>> default. I'm really lost right now.
> >>> >>>>
> >>> >>>> El 9 de diciembre de 2011 06:07, Christian Kuersteiner
> >>> >>>> <ckuerste at gmx.ch>
> >>> >>>> escribió:
> >>> >>>>
> >>> >>>>> On 12/09/2011 11:45 AM, Juan José Pavlik Salles wrote:
> >>> >>>>>>
> >>> >>>>>> I've already put nikto's path in .bashrc, but it doesn't work.
> Why
> >>> >>>>>> openvas isn't seeing the same PATH var that i see??? any clue?
> >>> >>>>>>
> >>> >>>>>> root at openvas:~/tools/pruebas# tail ../../.bashrc
> >>> >>>>>>     . ~/.bash_aliases
> >>> >>>>>> fi
> >>> >>>>>
> >>> >>>>>
> >>> >>>>> sudo path is not the same as root path in Ubuntu
> >>> >>>>> (--with-secure-path).
> >>> >>>>> In Ubuntu I used the alias solution in
> >>> >>>>> http://stackoverflow.com/questions/257616/sudo-changes-path-why
> >>> >>>>>
> >>> >>>>> HTH
> >>> >>>>>
> >>> >>>>> Christian
> >>> >>>>>
> >>> >>>>
> >>> >>>>
> >>> >>>>
> >>> >>>> --
> >>> >>>> Pavlik Juan José
> >>> >>>
> >>> >>>
> >>> >>>
> >>> >>>
> >>> >>> --
> >>> >>> Pavlik Juan José
> >>> >>
> >>> >>
> >>> >>
> >>> >>
> >>> >> --
> >>> >> Pavlik Juan José
> >>> >>
> >>> >> _______________________________________________
> >>> >> Openvas-discuss mailing list
> >>> >> Openvas-discuss at wald.intevation.org
> >>> >> http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
> >>> >>
> >>> >
> >>> >
> >>> >
> >>> > --
> >>> > http://volatile-minds.blogspot.com -- blog
> >>> > http://www.volatileminds.net -- website
> >>>
> >>>
> >>>
> >>> --
> >>> http://volatile-minds.blogspot.com -- blog
> >>> http://www.volatileminds.net -- website
> >>
> >>
> >>
> >>
> >> --
> >> Pavlik Juan José
> >
> >
> >
> >
> > --
> > Pavlik Juan José
>
>
>
> --
> http://volatile-minds.blogspot.com -- blog
> http://www.volatileminds.net -- website
>



-- 
Pavlik Juan José
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20111210/fbf1518d/attachment.htm


More information about the Openvas-discuss mailing list