Closed ethicalhack3r closed 9 years ago
Seems to work on a different box, so must be specific to that box (Kali).
Tested on 2 other Kali boxes with the same error, so must affect all Kali boxes when using the latest Github code
I can confirm that this error exists.
Did you do a git pull on kali? They change file locations and things tend to break as A git pull totally borks things as then there is a configuration file and source in the local directory as well as Kali's directories, and nikto.pl is one version and plugins another.
On Mar 25, 2014, at 6:15 AM, Thomas Mackenzie notifications@github.com wrote:
I can confirm that this error exists.
— Reply to this email directly or view it on GitHub.
I just did git clone in a totally different directory and then did the same as Ryan above.
It's definitely Kali specific: I did a git pull on Windows earlier today and it works fine!
This seems to be the problem: 'Host' => '1395740653:178.79.147.242'
Which suggests it's something to do with the IP lookup within Kali, I'll see if I've got a spare VM running it and have a look.
Right, found the problem. The pithy answer is that you should throw Kali away and roll your own version. But that doesn't help.
It's to do with how it's loading the configuration file and most importantly the PLUGINDIR, for where it loads nikto-core.plugin from. By default the PLUGINDIR isn't defined as it works this out from where nikto is called from.
But Kali mess about with this and set PLUGINDIR in /etc/nikto.conf. So that when nikto loads it config (from /etc/, $HOME, $0 and $pwd in that order), everything else but PLUGINDIR is overwritten.
So you're using the latest version of nikto.pl; but it's trying to use the plugins and databases of the really old version installed in Kali.
Technically this is working as documented: http://cirt.net/nikto2-docs/configuration.html but obviously this isn't working as hoped so I need to think of a decent work around. It may be that if it finds a new config file it automagically updates EXECDIR and all dependent variables.
That's what I said, but in the "I just woke up and I'm using my phone language." Mostly.
I'm going to blame Kali again and hope they don't try to sue us for trademark infringement by using their name in the title.
One of the offsec guys told me the simple answer to why they put the conf in etc is that they follow this: http://www.pathname.com/fhs/
I haven't read it yet; standards... who needs 'em?
As I already mentioned to Chris, configs are "moved" around in Kali to compy with FHS (http://www.pathname.com/fhs/). Debian does it and therefore so do we. Also, it is a lot easier to fix these issues (i.e. a simple tool update in Kali) if people who notice them simply file a bug ticket at https://bugs.kali.org/. That is a sure way to get the fastest response from us. UPDATE: I have already added that update request so there is no need to do it any more.
A request to upgrade Nikto to the most recent checkout has been submitted on our bug tracker (https://bugs.kali.org/view.php?id=1111) and assuming all goes smoothly, it will be in the repos soon.
Sweet! So how do you manage upgrades directly -- when you make a release will you git pull it, or can the user do that somehow?
I'm about to revamp the upgrade system entirely and since I'm not sure how kali works to upgrade tools, I'd like to play nicely and not do something to make kali+nikto users mad or outdated.
On Mar 25, 2014, at 4:35 PM, dookie2000ca notifications@github.com wrote:
A request to upgrade Nikto to the most recent checkout has been submitted on our bug tracker (https://bugs.kali.org/view.php?id=1111) and assuming all goes smoothly, it will be in the repos soon.
— Reply to this email directly or view it on GitHub.
Btw dookie, trademark comments are simply because I don't like Iggy any more!
no offense intended, except to him. ;)
On Mar 25, 2014, at 4:35 PM, dookie2000ca notifications@github.com wrote:
A request to upgrade Nikto to the most recent checkout has been submitted on our bug tracker (https://bugs.kali.org/view.php?id=1111) and assuming all goes smoothly, it will be in the repos soon.
— Reply to this email directly or view it on GitHub.
Any more?? That just made me happy because it means you did at one time ;)
To be Debian/FHS compliant, your tool shouldn't self-update unless you have it under the users home directory, for instance. An easy way for us to keep current and know when changes are available is to tag your git commits. With tags, we can then have the debian watch file check for new versions automatically. We do this with the exploit-database project (https://github.com/offensive-security/exploit-database/tags). for example: git tag -a 03252014 -m "03252014 Update"
If you have any other questions or want to bounce ideas off me, that ronin yahoo can give you my details :-)
Closing as this really isn't relevant, unless we want to make Nikto FHS compliant.
Hi Teanm,
Iam getting very frequently below error
Please can advice.
Thanks.
@Damuammu we don't support the nikto version which is distributed with Kali. I would highly recommend you install version 2.50 from nikto's github here.
Also please open a new issue for any future problems, thanks!
i tried to clone repo and started testing . but getting below error. but prior to that i uninstalled nikto which was by default provided by kali linux. because when I ran testing still the version is showing as 2.1.6 Can't locate /var/lib/nikto/plugins/nikto_core.plugin at ./nikto.pl line 54.
Please give me some advice.
Thanks.
On Thu, Jul 21, 2022 at 2:34 AM sullo @.***> wrote:
@Damuammu https://github.com/Damuammu we don't support the nikto version which is distributed with Kali. I would highly recommend you install version 2.50 from nikto's github here https://github.com/sullo/nikto/tree/nikto-2.5.0.
Also please open a new issue for any future problems, thanks!
— Reply to this email directly, view it on GitHub https://github.com/sullo/nikto/issues/116#issuecomment-1190756452, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAFXDKM4YPDZLFI453DJWITVVBSW7ANCNFSM4ANSFUWA . You are receiving this because you were mentioned.Message ID: @.***>
look for a nikto.conf file in /etc and if you find it, delete it.
On Thu, Jul 21, 2022 at 3:13 AM Damuammu @.***> wrote:
i tried to clone repo and started testing . but getting below error. but prior to that i uninstalled nikto which was by default provided by kali linux. because when I ran testing still the version is showing as 2.1.6 Can't locate /var/lib/nikto/plugins/nikto_core.plugin at ./nikto.pl line 54.
Please give me some advice.
Thanks.
On Thu, Jul 21, 2022 at 2:34 AM sullo @.***> wrote:
@Damuammu https://github.com/Damuammu we don't support the nikto version which is distributed with Kali. I would highly recommend you install version 2.50 from nikto's github here https://github.com/sullo/nikto/tree/nikto-2.5.0.
Also please open a new issue for any future problems, thanks!
— Reply to this email directly, view it on GitHub https://github.com/sullo/nikto/issues/116#issuecomment-1190756452, or unsubscribe < https://github.com/notifications/unsubscribe-auth/AAFXDKM4YPDZLFI453DJWITVVBSW7ANCNFSM4ANSFUWA
. You are receiving this because you were mentioned.Message ID: @.***>
— Reply to this email directly, view it on GitHub https://github.com/sullo/nikto/issues/116#issuecomment-1191128365, or unsubscribe https://github.com/notifications/unsubscribe-auth/AALICRAZ2UXWN5RNX3E5XTTVVD2BXANCNFSM4ANSFUWA . You are receiving this because you commented.Message ID: @.***>
--
Hi sir,
its still loading older version 2.16
i deleted file config file this is really surprise to me
└─$ locate nikto.conf 1 ⨯ /etc/nikto.conf -------------------------->>> deleted /home/infector/nikto/program/nikto.conf.default ------------------------------> renamed to nikto.conf.default_bck /home/infector/tools/02 infogather/nikto/program/nikto.conf.default ---------------> this is new version
Please advice.
Thanks
@sullo please can help on this
At this point I'd recommend removing 2.5.0 from the github install and running a find for all nikto files to delete them, then reinstall from GitHub.
I can't be of more help--Kali follows a certain unix standard and distributes nikto across the OS, and that's now how it's intended to be installed from this project. This is why I don't support Kali.
If you have any issues after that please ask, but open a new issue to consolidate the discussion, please don't continue in this closed issue.
Hi sir,
its still loading older version 2.16
i deleted file config file this is really surprise to me
└─$ locate nikto.conf
1 ⨯
/etc/nikto.conf -------------------------->>> deleted /home/infector/nikto/program/nikto.conf.default ------------------------------> renamed to nikto.conf.default_bck /home/infector/tools/02 infogather/nikto/program/nikto.conf.default ---------------> this is new version
Please advice.
Thanks.
On Thu, Jul 21, 2022 at 6:36 PM sullo @.***> wrote:
look for a nikto.conf file in /etc and if you find it, delete it.
On Thu, Jul 21, 2022 at 3:13 AM Damuammu @.***> wrote:
i tried to clone repo and started testing . but getting below error. but prior to that i uninstalled nikto which was by default provided by kali linux. because when I ran testing still the version is showing as 2.1.6 Can't locate /var/lib/nikto/plugins/nikto_core.plugin at ./nikto.pl line 54.
Please give me some advice.
Thanks.
On Thu, Jul 21, 2022 at 2:34 AM sullo @.***> wrote:
@Damuammu https://github.com/Damuammu we don't support the nikto version which is distributed with Kali. I would highly recommend you install version 2.50 from nikto's github here https://github.com/sullo/nikto/tree/nikto-2.5.0.
Also please open a new issue for any future problems, thanks!
— Reply to this email directly, view it on GitHub https://github.com/sullo/nikto/issues/116#issuecomment-1190756452, or unsubscribe <
https://github.com/notifications/unsubscribe-auth/AAFXDKM4YPDZLFI453DJWITVVBSW7ANCNFSM4ANSFUWA
. You are receiving this because you were mentioned.Message ID: @.***>
— Reply to this email directly, view it on GitHub https://github.com/sullo/nikto/issues/116#issuecomment-1191128365, or unsubscribe < https://github.com/notifications/unsubscribe-auth/AALICRAZ2UXWN5RNX3E5XTTVVD2BXANCNFSM4ANSFUWA
. You are receiving this because you commented.Message ID: @.***>
--
https://cirt.net | https://rvasec.com/
— Reply to this email directly, view it on GitHub https://github.com/sullo/nikto/issues/116#issuecomment-1191462134, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAFXDKJOS5VIIAGYS4E2JXTVVFDMVANCNFSM4ANSFUWA . You are receiving this because you were mentioned.Message ID: @.***>
Could you please open a new issue so we can talk about this more?
On Thu, Jul 21, 2022 at 4:48 PM Damuammu @.***> wrote:
Hi sir,
its still loading older version 2.16
i deleted file config file this is really surprise to me
└─$ locate nikto.conf 1 ⨯ /etc/nikto.conf -------------------------->>> deleted /home/infector/nikto/program/nikto.conf.default ------------------------------> renamed to nikto.conf.default_bck /home/infector/tools/02 infogather/nikto/program/nikto.conf.default ---------------> this is new version
Please advice.
Thanks
— Reply to this email directly, view it on GitHub https://github.com/sullo/nikto/issues/116#issuecomment-1191918539, or unsubscribe https://github.com/notifications/unsubscribe-auth/AALICRCXVIW3AD736EVDFYLVVGZQRANCNFSM4ANSFUWA . You are receiving this because you commented.Message ID: @.***>
--
From the latest Github code, seems to be the same for any host. On the same box with v2.1.5 it works so seems to be something specific to the Github code.