sullo / nikto

Nikto web server scanner

[Kali] opening stream: can't connect: #116

Closed ethicalhack3r closed 9 years ago

ethicalhack3r commented 10 years ago

From the latest Github code, seems to be the same for any host. On the same box with v2.1.5 it works so seems to be something specific to the Github code.

$ ./nikto.pl -host http://www.ethicalhack3r.co.uk/ -Display D
- Nikto v2.1.6
---------------------------------------------------------------------------
D:Tue Mar 25 09:44:33 2014 'Request Hash' = {
    'Connection' => 'Keep-Alive',
    'whisker' => {
        'protocol' => 'HTTP',
        'require_newline_after_headers' => 0,
        'lowercase_incoming_headers' => 1,
        'uri_prefix' => '',
        'ssl_save_info' => 1,
        'http_space2' => ' ',
        'ssl_rsacertfile' => undef,
        'uri_param_sep' => '?',
        'timeout' => 10,
        'http_space1' => ' ',
        'method' => 'HEAD',
        'force_open' => 0,
        'include_host_in_uri' => 0,
        'ignore_duplicate_headers' => 1,
        'uri_postfix' => '',
        'keep-alive' => 1,
        'ssl' => 0,
        'version' => '1.1',
        'ssl_certfile' => undef,
        'port' => '178.79.147.242',
        'uri' => '/',
        'host' => 1395740653,
        'retry' => 0,
        'normalize_incoming_headers' => 1,
        'invalid_protocol_return_value' => 1,
        'force_bodysnatch' => 0,
        'MAGIC' => 31339,
        'max_size' => 0,
        'trailing_slurp' => 0,
        'force_close' => 0,
        'http_eol' => "\r\n"
    },
    'User-Agent' => 'Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:25.0) Gecko/20100101 Firefox/25.0',
    'Host' => '1395740653:178.79.147.242'
};
D:Tue Mar 25 09:44:33 2014 'Result Hash' = {
    'whisker' => {
        'error' => 'opening stream: can\'t connect (timeout): Operation now in progress',
        'uri' => '/',
        'MAGIC' => 31340
    }
};
D:Tue Mar 25 09:44:33 2014 'Request Hash' = {
    'Connection' => 'Keep-Alive',
    'whisker' => {
        'protocol' => 'HTTP',
        'require_newline_after_headers' => 0,
        'lowercase_incoming_headers' => 1,
        'uri_prefix' => '',
        'ssl_save_info' => 1,
        'http_space2' => ' ',
        'ssl_rsacertfile' => 80,
        'uri_param_sep' => '?',
        'timeout' => 10,
        'http_space1' => ' ',
        'method' => 'HEAD',
        'force_open' => 0,
        'include_host_in_uri' => 0,
        'ignore_duplicate_headers' => 1,
        'uri_postfix' => '',
        'keep-alive' => 1,
        'ssl' => 1,
        'version' => '1.1',
        'ssl_certfile' => undef,
        'port' => '178.79.147.242',
        'uri' => '/',
        'host' => 1395740653,
        'retry' => 0,
        'normalize_incoming_headers' => 1,
        'invalid_protocol_return_value' => 1,
        'force_bodysnatch' => 0,
        'MAGIC' => 31339,
        'max_size' => 0,
        'trailing_slurp' => 0,
        'force_close' => 0,
        'http_eol' => "\r\n"
    },
    'User-Agent' => 'Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:25.0) Gecko/20100101 Firefox/25.0',
    'Host' => '1395740653:178.79.147.242'
};
D:Tue Mar 25 09:44:33 2014 'Result Hash' = {
    'whisker' => {
        'error' => 'opening stream: can\'t connect: ',
        'uri' => '/',
        'MAGIC' => 31340
    }
};
D:Tue Mar 25 09:44:53 2014 'Request Hash' = {
    'Connection' => 'Keep-Alive',
    'whisker' => {
        'protocol' => 'HTTP',
        'require_newline_after_headers' => 0,
        'lowercase_incoming_headers' => 1,
        'uri_prefix' => '',
        'ssl_save_info' => 1,
        'http_space2' => ' ',
        'ssl_rsacertfile' => 80,
        'uri_param_sep' => '?',
        'timeout' => 10,
        'http_space1' => ' ',
        'method' => 'GET',
        'force_open' => 0,
        'include_host_in_uri' => 0,
        'ignore_duplicate_headers' => 1,
        'uri_postfix' => '',
        'keep-alive' => 1,
        'ssl' => 0,
        'version' => '1.1',
        'ssl_certfile' => undef,
        'port' => '178.79.147.242',
        'uri' => '/',
        'host' => 1395740653,
        'retry' => 0,
        'normalize_incoming_headers' => 1,
        'invalid_protocol_return_value' => 1,
        'force_bodysnatch' => 0,
        'MAGIC' => 31339,
        'max_size' => 0,
        'trailing_slurp' => 0,
        'force_close' => 0,
        'http_eol' => "\r\n"
    },
    'User-Agent' => 'Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:25.0) Gecko/20100101 Firefox/25.0',
    'Host' => '1395740653:178.79.147.242'
};
D:Tue Mar 25 09:44:53 2014 'Result Hash' = {
    'whisker' => {
        'error' => 'opening stream: can\'t connect (timeout): Operation now in progress',
        'uri' => '/',
        'MAGIC' => 31340
    }
};
D:Tue Mar 25 09:44:53 2014 'Request Hash' = {
    'Connection' => 'Keep-Alive',
    'whisker' => {
        'protocol' => 'HTTP',
        'require_newline_after_headers' => 0,
        'lowercase_incoming_headers' => 1,
        'uri_prefix' => '',
        'ssl_save_info' => 1,
        'http_space2' => ' ',
        'ssl_rsacertfile' => 80,
        'uri_param_sep' => '?',
        'timeout' => 10,
        'http_space1' => ' ',
        'method' => 'GET',
        'force_open' => 0,
        'include_host_in_uri' => 0,
        'ignore_duplicate_headers' => 1,
        'uri_postfix' => '',
        'keep-alive' => 1,
        'ssl' => 1,
        'version' => '1.1',
        'ssl_certfile' => undef,
        'port' => '178.79.147.242',
        'uri' => '/',
        'host' => 1395740653,
        'retry' => 0,
        'normalize_incoming_headers' => 1,
        'invalid_protocol_return_value' => 1,
        'force_bodysnatch' => 0,
        'MAGIC' => 31339,
        'max_size' => 0,
        'trailing_slurp' => 0,
        'force_close' => 0,
        'http_eol' => "\r\n"
    },
    'User-Agent' => 'Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:25.0) Gecko/20100101 Firefox/25.0',
    'Host' => '1395740653:178.79.147.242'
};
D:Tue Mar 25 09:44:53 2014 'Result Hash' = {
    'whisker' => {
        'error' => 'opening stream: can\'t connect: ',
        'uri' => '/',
        'MAGIC' => 31340
    }
};
+ No web server found on 1395740653:178.79.147.242
---------------------------------------------------------------------------
+ 0 host(s) tested
D:Tue Mar 25 09:44:53 2014 T:Tue Mar 25 09:44:53 2014: Ending

ethicalhack3r commented 10 years ago

Seems to work on a different box, so must be specific to that box (Kali).

ethicalhack3r commented 10 years ago

Tested on 2 other Kali boxes with the same error, so must affect all Kali boxes when using the latest Github code

tmacuk commented 10 years ago

I can confirm that this error exists.

sullo commented 10 years ago

Did you do a git pull on Kali? They change file locations and things tend to break. A git pull totally borks things, as then there is a configuration file and source in the local directory as well as Kali's directories, and nikto.pl is one version and plugins another.

tmacuk commented 10 years ago

I just did git clone in a totally different directory and then did the same as Ryan above.

tautology0 commented 10 years ago

It's definitely Kali specific: I did a git pull on Windows earlier today and it works fine!

This seems to be the problem: 'Host' => '1395740653:178.79.147.242'

Which suggests it's something to do with the IP lookup within Kali, I'll see if I've got a spare VM running it and have a look.

tautology0 commented 10 years ago

Right, found the problem. The pithy answer is that you should throw Kali away and roll your own version. But that doesn't help.

It's to do with how it's loading the configuration file and most importantly the PLUGINDIR, for where it loads nikto-core.plugin from. By default the PLUGINDIR isn't defined as it works this out from where nikto is called from.

But Kali mess about with this and set PLUGINDIR in /etc/nikto.conf. So that when nikto loads its config (from /etc/, $HOME, $0 and $pwd in that order), everything else but PLUGINDIR is overwritten.

So you're using the latest version of nikto.pl; but it's trying to use the plugins and databases of the really old version installed in Kali.

Technically this is working as documented: http://cirt.net/nikto2-docs/configuration.html but obviously this isn't working as hoped so I need to think of a decent work around. It may be that if it finds a new config file it automagically updates EXECDIR and all dependent variables.
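
The load-order behaviour described in the comment above, as an added example that is not part of the original thread and not Nikto's own code: it replays layered config files in order and reports which file the surviving EXECDIR/PLUGINDIR value came from. It assumes `KEY=value` config lines and a `nikto.conf` in each location named above; the function names, the demo tree and the `/opt/nikto/plugins` path are constructed for illustration.

```sh
#!/bin/sh
# Added example, not Nikto code. Assumes KEY=value config lines, read in the
# order given above (/etc, $HOME, script dir, $PWD); later files win per key.
TAB=$(printf '\t')
# effective_setting KEY FILE...  prints "VALUE<TAB>FILE" for the last file
# that defines KEY; a file that omits KEY leaves the earlier value in place.
effective_setting() {
    local key="$1" file line value="" origin=""
    shift
    for file in "$@"; do
        [ -r "$file" ] || continue
        while IFS= read -r line || [ -n "$line" ]; do
            case $line in
                "$key="*)
                    value=${line#*=}
                    value=${value%%#*}                        # drop trailing comment
                    value=${value%"${value##*[![:space:]]}"}  # trim trailing blanks
                    origin=$file ;;
            esac
        done < "$file"
    done
    if [ -n "$origin" ]; then printf '%s\t%s\n' "$value" "$origin"; fi
}

# check_checkout CHECKOUT FILE...  lists EXECDIR/PLUGINDIR values that point
# outside the checkout being run; returns 1 if any are found.
check_checkout() {
    local checkout="$1" key hit value origin rc=0
    shift
    for key in EXECDIR PLUGINDIR; do
        hit=$(effective_setting "$key" "$@")
        [ -n "$hit" ] || continue
        value=${hit%%"$TAB"*}; origin=${hit#*"$TAB"}
        case $value in
            "$checkout"|"$checkout"/*) ;;
            *) echo "MISMATCH $key=$value (set in $origin)"; rc=1 ;;
        esac
    done
    return "$rc"
}

# Constructed demo: /etc/nikto.conf pins PLUGINDIR; the checkout's conf does not.
demo() {
    local root rc
    root=$(mktemp -d)
    mkdir -p "$root/etc" "$root/src/nikto/program"
    printf 'PLUGINDIR=/var/lib/nikto/plugins\t# distro\n' > "$root/etc/nikto.conf"
    printf '# PLUGINDIR=/opt/nikto/plugins\n' > "$root/src/nikto/program/nikto.conf"
    check_checkout "$root/src/nikto/program" "$root/etc/nikto.conf" \
        "$root/home/nikto.conf" "$root/src/nikto/program/nikto.conf" && rc=0 || rc=$?
    rm -rf "$root"
    return "$rc"
}
demo || true
```

On a real host, pass the checkout directory followed by the actual config paths in load order; a `MISMATCH` line names the file that still pins the old location.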

sullo commented 10 years ago

That's what I said, but in the "I just woke up and I'm using my phone" language. Mostly.

I'm going to blame Kali again and hope they don't try to sue us for trademark infringement by using their name in the title.

sullo commented 10 years ago

One of the offsec guys told me the simple answer to why they put the conf in etc is that they follow this: http://www.pathname.com/fhs/

I haven't read it yet; standards... who needs 'em?

offsecronin commented 10 years ago

As I already mentioned to Chris, configs are "moved" around in Kali to comply with FHS (http://www.pathname.com/fhs/). Debian does it and therefore so do we. Also, it is a lot easier to fix these issues (i.e. a simple tool update in Kali) if people who notice them simply file a bug ticket at https://bugs.kali.org/. That is a sure way to get the fastest response from us. UPDATE: I have already added that update request so there is no need to do it any more.

dookie2000ca commented 10 years ago

A request to upgrade Nikto to the most recent checkout has been submitted on our bug tracker (https://bugs.kali.org/view.php?id=1111) and assuming all goes smoothly, it will be in the repos soon.

sullo commented 10 years ago

Sweet! So how do you manage upgrades directly -- when you make a release will you git pull it, or can the user do that somehow?

I'm about to revamp the upgrade system entirely and since I'm not sure how kali works to upgrade tools, I'd like to play nicely and not do something to make kali+nikto users mad or outdated.

sullo commented 10 years ago

Btw dookie, trademark comments are simply because I don't like Iggy any more!

no offense intended, except to him. ;)

offsecronin commented 10 years ago

Any more?? That just made me happy because it means you did at one time ;)

dookie2000ca commented 10 years ago

To be Debian/FHS compliant, your tool shouldn't self-update unless you have it under the user's home directory, for instance. An easy way for us to keep current and know when changes are available is to tag your git commits. With tags, we can then have the Debian watch file check for new versions automatically. We do this with the exploit-database project (https://github.com/offensive-security/exploit-database/tags). For example: git tag -a 03252014 -m "03252014 Update"

If you have any other questions or want to bounce ideas off me, that ronin yahoo can give you my details :-)

tautology0 commented 9 years ago

Closing as this really isn't relevant, unless we want to make Nikto FHS compliant.

Damuammu commented 2 years ago

Hi Team,

I am getting the below error very frequently.

Please can you advise.

Thanks.

sullo commented 2 years ago

@Damuammu we don't support the nikto version which is distributed with Kali. I would highly recommend you install version 2.50 from nikto's github here.

Also please open a new issue for any future problems, thanks!

Damuammu commented 2 years ago

I tried to clone the repo and started testing, but I am getting the below error. But prior to that I uninstalled nikto, which was provided by default by Kali Linux, because when I ran testing the version was still showing as 2.1.6.

Can't locate /var/lib/nikto/plugins/nikto_core.plugin at ./nikto.pl line 54.

Please give me some advice.

Thanks.

sullo commented 2 years ago

Look for a nikto.conf file in /etc and if you find it, delete it.

Damuammu commented 2 years ago

Hi sir,

It's still loading the older version 2.16.

I deleted the config file; this is really a surprise to me.

└─$ locate nikto.conf 1 ⨯
/etc/nikto.conf -------------------------->>> deleted
/home/infector/nikto/program/nikto.conf.default ------------------------------> renamed to nikto.conf.default_bck
/home/infector/tools/02 infogather/nikto/program/nikto.conf.default ---------------> this is new version

Please advise.

Thanks

Damuammu commented 2 years ago

@sullo please can you help on this

sullo commented 2 years ago

At this point I'd recommend removing 2.5.0 from the github install and running a find for all nikto files to delete them, then reinstall from GitHub.

I can't be of more help--Kali follows a certain unix standard and distributes nikto across the OS, and that's not how it's intended to be installed from this project. This is why I don't support Kali.

If you have any issues after that please ask, but open a new issue to consolidate the discussion, please don't continue in this closed issue.

Damuammu commented 1 year ago

Hi sir,

It's still loading the older version 2.16.

I deleted the config file; this is really a surprise to me.

└─$ locate nikto.conf 1 ⨯
/etc/nikto.conf -------------------------->>> deleted
/home/infector/nikto/program/nikto.conf.default ------------------------------> renamed to nikto.conf.default_bck
/home/infector/tools/02 infogather/nikto/program/nikto.conf.default ---------------> this is new version

Please advise.

Thanks.

sullo commented 1 year ago

Could you please open a new issue so we can talk about this more?
