[Openvas-discuss] Using nikto NASL

Brandon Perry bperry.volatile at gmail.com
Sat Dec 10 18:22:39 CET 2011


Could you echo your $PATH again? You can remove any personal info from it...

2011/12/10 Juan José Pavlik Salles <jjpavlik at gmail.com>:
> The only "strange" thing I can see is that I don't have the
> /etc/openvas/openvassd.conf file, and the GSA web interface shows me the
> running config saying: "From file: /etc/openvas/openvassd.conf", but there's
> no such file in my file system. There are other NASL plugins that work
> great... really don't get it.
>
> On 10 December 2011 14:13, Brandon Perry <bperry.volatile at gmail.com> wrote:
>
>> This means that openvas is fudging up some env variables. I've no idea
>> what it could be, perhaps making openvas run nasl's absolutely all
>> the time should be mandated? Would "fix" this bug...
>>
>> 2011/12/10 Juan José Pavlik Salles <jjpavlik at gmail.com>:
>> > You are right, if I run it like this:
>> >
>> > openvas-nasl -t 200.16.16.50 /var/lib/openvas/plugins/nikto.nasl -X
>> >
>> > works great.
>> >
>> > On 10 December 2011 14:08, Brandon Perry <bperry.volatile at gmail.com> wrote:
>> >
>> >> In that example, you are running it "relatively", that is relative to
>> >> the environment you are in.
>> >>
>> >> Run it "absolutely". Give it the absolute path to the nasl, not a
>> >> relative path dependent on your env.
>> >> ~# openvas-nasl -t 200.16.16.50 /var/lib/openvas/plugins/nikto.nasl -X
>> >>
>> >> 2011/12/10 Juan José Pavlik Salles <jjpavlik at gmail.com>:
>> >> > If I run it out of /var/lib/openvas/plugins:
>> >> >
>> >> > root@openvas:~/tools/pruebas# openvas-nasl -t 200.16.16.50 nikto.nasl -X
>> >> > nikto.nasl: Not able to open nor to locate it in include paths
>> >> >
>> >> > I'm really confused, now I don't even get the "nikto not found" message in
>> >> > my reports anymore.
>> >> >
>> >> > On 10 December 2011 14:02, Brandon Perry <bperry.volatile at gmail.com> wrote:
>> >> >
>> >> >> Ah, ha. Try this then. CD out of the plugins dir, to say, ~. Then run
>> >> >> the nikto nasl absolutely, rather than relatively.
>> >> >>
>> >> >> If this works, then there are some oddities in the environment of
>> >> >> openvas.
>> >> >>
>> >> >> ~# openvas-nasl -t 200.16.16.50 /var/lib/openvas/plugins/nikto.nasl -X
>> >> >>
>> >> >> 2011/12/10 Juan José Pavlik Salles <jjpavlik at gmail.com>:
>> >> >> > I've news! If I cd to /var/lib/openvas/plugins I can run nikto.nasl
>> >> >> > like this:
>> >> >> >
>> >> >> > root@openvas:/var/lib/openvas/plugins# openvas-nasl -t 200.16.16.50 nikto.nasl -X
>> >> >> > - Nikto v2.1.4
>> >> >> > ---------------------------------------------------------------------------
>> >> >> > + Target IP:          192.168.1.5
>> >> >> > + Target Hostname:    virtual-test
>> >> >> > + Target Port:        80
>> >> >> > + Start Time:         2011-12-11 13:37:04
>> >> >> > ---------------------------------------------------------------------------
>> >> >> > + Server: Apache/2.2.15 (Linux/SUSE)
>> >> >> > + / - Requires Authentication for realm 'mrtg'
>> >> >> > + No CGI Directories found (use '-C all' to force check all possible dirs)
>> >> >> > + Apache/2.2.15 appears to be outdated (current is at least Apache/2.2.19). Apache 1.3.42 (final release) and 2.0.64 are also current.
>> >> >> > + OSVDB-877: HTTP TRACE method is active, suggesting the host is vulnerable to XST
>> >> >> > + OSVDB-3268: /icons/: Directory indexing found.
>> >> >> > + OSVDB-3233: /icons/README: Apache default file found.
>> >> >> > + 6456 items checked: 33 error(s) and 4 item(s) reported on remote host
>> >> >> > + End Time:           2011-12-11 13:49:14 (730 seconds)
>> >> >> > ---------------------------------------------------------------------------
>> >> >> > + 1 host(s) tested
>> >> >> >
>> >> >> > [22289] plug_set_key:internal_send(0)['1 SentData/(null)/NOTE=Here is the Nikto report:\n- Nikto v2.1.4\n---------------------------------------------------------------------------\n+ Target IP:          192.168.1.5\n+ Target Hostname:    virtual-test\n+ Target Port:        80\n+ Start Time:         2011-12-11 13:37:04\n---------------------------------------------------------------------------\n+ Server: Apache/2.2.15 (Linux/SUSE)\n+ / - Requires Authentication for realm 'mrtg'\n+ No CGI Directories found (use '-C all' to force check all possible dirs)\n+ Apache/2.2.15 appears to be outdated (current is at least Apache/2.2.19). Apache 1.3.42 (final release) and 2.0.64 are also current.\n+ OSVDB-877: HTTP TRACE method is active, suggesting the host is vulnerable to XST\n+ OSVDB-3268: /icons/: Directory indexing found.\n+ OSVDB-3233: /icons/README: Apache default file found.\n+ 6456 items checked: 33 error(s) and 4 item(s) reported on remote host\n+ End Time:           2011-12-11 13:49:14 (730 seconds)\n---------------------------------------------------------------------------\n+ 1 host(s) tested\n;
>> >> >> > ']: Socket operation on non-socket
>> >> >> > [22289] plug_set_key:internal_send(0)['3 Success/(null)=1;
>> >> >> > ']: Socket operation on non-socket
>> >> >> >
>> >> >> > BUT... I don't get it to work on my scan configs! Really no F clue about
>> >> >> > this...
>> >> >> >
>> >> >> > On 9 December 2011 19:15, Juan José Pavlik Salles <jjpavlik at gmail.com> wrote:
>> >> >> >
>> >> >> >> Here is more info:
>> >> >> >>
>> >> >> >> root@openvas:/var/lib/openvas/plugins# ls -l /usr/local/bin/nikto*
>> >> >> >> lrwxrwxrwx 1 root root 16 2011-12-09 02:33 /usr/local/bin/nikto -> /opt/nikto/nikto
>> >> >> >> lrwxrwxrwx 1 root root 19 2011-12-09 02:04 /usr/local/bin/nikto.pl -> /opt/nikto/nikto.pl
>> >> >> >> root@openvas:/var/lib/openvas/plugins# ls /opt/nikto/nikto*
>> >> >> >> /opt/nikto/nikto  /opt/nikto/nikto.conf  /opt/nikto/nikto.pl
>> >> >> >>
>> >> >> >> nikto is a copy of nikto.pl.
>> >> >> >>
>> >> >> >> On 9 December 2011 19:05, Brandon Perry <bperry.volatile at gmail.com> wrote:
>> >> >> >>
>> >> >> >>> Also, 'which nikto.pl'
>> >> >> >>>
>> >> >> >>> 2011/12/9 Brandon Perry <bperry.volatile at gmail.com>:
>> >> >> >>> > What does 'which nikto' return
>> >> >> >>> >
>> >> >> >>> > 2011/12/9 Juan José Pavlik Salles <jjpavlik at gmail.com>:
>> >> >> >>> >> Here I come again, still can't make nikto work on my reports. Now I tried
>> >> >> >>> >> using nikto.nasl with the openvas-nasl command, like this:
>> >> >> >>> >>
>> >> >> >>> >> root@openvas:/var/lib/openvas/plugins# openvas-nasl -t my_host nikto -X
>> >> >> >>> >> nikto: Not able to open nor to locate it in include paths
>> >> >> >>> >>
>> >> >> >>> >> There's definitely something wrong here... This is where nikto is:
>> >> >> >>> >>
>> >> >> >>> >> root@openvas:/var/lib/openvas/plugins# whereis nikto
>> >> >> >>> >> nikto: /etc/nikto.conf /usr/local/bin/nikto.pl /usr/local/bin/nikto
>> >> >> >>> >>
>> >> >> >>> >> Actually, /usr/local/bin/nikto and nikto.pl are symbolic links to
>> >> >> >>> >> /opt/nikto/nikto.pl. What else could I try???
>> >> >> >>> >>
>> >> >> >>> >> On 9 December 2011 11:05, Juan José Pavlik Salles <jjpavlik at gmail.com> wrote:
>> >> >> >>> >>
>> >> >> >>> >>> I found this in my openvassd.dump log file:
>> >> >> >>> >>>
>> >> >> >>> >>> [15465](/var/lib/openvas/plugins/nikto.nasl) pread: 'nikto.pl' not found in $PATH
>> >> >> >>> >>> [15466](/var/lib/openvas/plugins/nikto.nasl) pread: 'nikto.pl' not found in $PATH
>> >> >> >>> >>>
>> >> >> >>> >>> No surprise though.
>> >> >> >>> >>>
>> >> >> >>> >>> On 9 December 2011 10:53, Juan José Pavlik Salles <jjpavlik at gmail.com> wrote:
>> >> >> >>> >>>
>> >> >> >>> >>>> I tried the alias solution:
>> >> >> >>> >>>>
>> >> >> >>> >>>> root@openvas:~/tools/pruebas# tail -3 /root/.bashrc
>> >> >> >>> >>>> #fi
>> >> >> >>> >>>> export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/opt/nikto
>> >> >> >>> >>>> alias sudo='sudo env PATH=$PATH'
>> >> >> >>> >>>> root@openvas:~/tools/pruebas#
>> >> >> >>> >>>>
>> >> >> >>> >>>> without any luck... I also commented out:
>> >> >> >>> >>>>
>> >> >> >>> >>>> #Defaults    env_reset
>> >> >> >>> >>>>
>> >> >> >>> >>>> in /etc/sudoers, because this line resets environment variables by
>> >> >> >>> >>>> default. I'm really lost right now.
>> >> >> >>> >>>>
>> >> >> >>> >>>> On 9 December 2011 06:07, Christian Kuersteiner <ckuerste at gmx.ch> wrote:
>> >> >> >>> >>>>
>> >> >> >>> >>>>> On 12/09/2011 11:45 AM, Juan José Pavlik Salles wrote:
>> >> >> >>> >>>>>>
>> >> >> >>> >>>>>> I've already put nikto's path in .bashrc, but it doesn't work. Why
>> >> >> >>> >>>>>> isn't openvas seeing the same PATH var that I see??? Any clue?
>> >> >> >>> >>>>>>
>> >> >> >>> >>>>>> root@openvas:~/tools/pruebas# tail ../../.bashrc
>> >> >> >>> >>>>>>     . ~/.bash_aliases
>> >> >> >>> >>>>>> fi
>> >> >> >>> >>>>>
>> >> >> >>> >>>>> sudo path is not the same as root path in Ubuntu (--with-secure-path).
>> >> >> >>> >>>>> In Ubuntu I used the alias solution in
>> >> >> >>> >>>>> http://stackoverflow.com/questions/257616/sudo-changes-path-why
>> >> >> >>> >>>>>
>> >> >> >>> >>>>> HTH
>> >> >> >>> >>>>>
>> >> >> >>> >>>>> Christian
>> >> >> >>> >>>>>
>> >> >> >>> >>>>
>> >> >> >>> >>>>
>> >> >> >>> >>>>
>> >> >> >>> >>>> --
>> >> >> >>> >>>> Pavlik Juan José
>> >> >> >>> > --
>> >> >> >>> > http://volatile-minds.blogspot.com -- blog
>> >> >> >>> > http://www.volatileminds.net -- website



-- 
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website
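
The thread's working diagnosis is that the scanner process does not see the PATH that the interactive root shell sees. The script below is an added example, not part of the original messages or of OpenVAS: it reads the PATH a running process was started with from /proc/<pid>/environ and checks whether a helper such as nikto.pl resolves in it. The function names and script name are hypothetical, and a Linux /proc filesystem is assumed.

```shell
#!/bin/sh
# Added example (constructed; function names are hypothetical). Linux /proc assumed.

# Print the PATH a process was started with, given its NUL-separated
# environ file (/proc/<pid>/environ).
environ_path() {
    tr '\0' '\n' < "$1" | sed -n 's/^PATH=//p' | head -n 1
}

# Search a colon-separated PATH string for an executable named $1 and print
# the first hit. Runs in a subshell so the IFS/noglob changes stay local.
find_in_path() (
    tool=$1
    IFS=:
    set -f
    for dir in $2; do
        # An empty PATH element means "current directory"; worth flagging for
        # a root daemon, but resolved here the way the shell would.
        [ -n "$dir" ] || dir=.
        if [ -f "$dir/$tool" ] && [ -x "$dir/$tool" ]; then
            printf '%s\n' "$dir/$tool"
            return 0
        fi
    done
    return 1
)

# Compare what a running process can resolve with what this shell can.
check_daemon_path() {
    pid=$1
    tool=$2
    [ -r "/proc/$pid/environ" ] || { echo "cannot read environ of pid $pid" >&2; return 2; }
    daemon_path=$(environ_path "/proc/$pid/environ")
    echo "shell  PATH: $PATH"
    echo "daemon PATH: $daemon_path"
    if hit=$(find_in_path "$tool" "$daemon_path"); then
        echo "pid $pid resolves $tool as $hit"
    else
        echo "pid $pid cannot resolve $tool (the pread 'not found in \$PATH' case)"
        return 1
    fi
}

# Usage: sh check_path.sh <pid-of-scanner-daemon> nikto.pl
if [ "$#" -eq 2 ]; then
    check_daemon_path "$1" "$2"
fi
```

/proc/<pid>/environ holds the environment the process had when it was executed, so edits to .bashrc or a sudo alias made afterwards only show up there once the daemon has been restarted from the changed environment.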

