nikto -update not working for 2.1.6

sullo / nikto

Nikto web server scanner

Other

8.6k stars 1.24k forks source link

nikto -update not working for 2.1.6 #280

Closed anthraxx closed 9 years ago

anthraxx commented 9 years ago

Since version 2.1.6 the plugin update mechanics seem to be broken as the 2.1.6 directory does not seem to exist at the plugin update location:

> nikto -update
+ ERROR (302): Unable to get cirt.net/nikto/UPDATES/2.1.6/versions.txt

Please also make sure issue #279 gets attention as the plugin loading mechanics seem to be vulnerable against remote code execution via man-in-the-middle injected plugin updates.

sullo commented 9 years ago

This is expected behavior since 2.1.6 was never released on the web site. Proper update method is to use git for the 2.1.6 version. Issue #34 is to revamp the update system entirely.

anthraxx commented 9 years ago

yeah that makes sense, have not seen that issue

Hamm3rH3ad commented 8 years ago

What is the command for updating Nikto via Git (this is on a debian based machine)?

Thanks in advance.

sullo commented 8 years ago

git pull

On Thu, Mar 10, 2016 at 8:03 AM, Hamm3rH3ad notifications@github.com wrote:

What is the command for updating Nikto via Git (this is on a debian based machine)?

Thanks in advance.

— Reply to this email directly or view it on GitHub https://github.com/sullo/nikto/issues/280#issuecomment-194833324.

http://cirt.net | http://richsec.com/