wireghoul
commented
6 years ago Do you still have the file or a way to reproduce this?
Closed djsekops closed 3 years ago
wireghoul
commented
6 years ago Do you still have the file or a way to reproduce this?
djsekops
commented
6 years ago Hi
Not sure, perhaps. I’ll see what I can find over the weekend and let you know.
Jon
From: Eldar Marcussen notifications@github.com Sent: Monday, January 29, 2018 6:11 pm Subject: Re: [sullo/nikto] Invalid XML files from Nikto (#467) To: sullo/nikto nikto@noreply.github.com Cc: Kalaratri jonspokes@outlook.es, Author author@noreply.github.com
Do you still have the file or a way to reproduce this?
— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHubhttps://github.com/sullo/nikto/issues/467#issuecomment-361157961, or mute the threadhttps://github.com/notifications/unsubscribe-auth/AY4MEgnfrwgAtw_H8VryJeO3V8e-lqFMks5tPW84gaJpZM4MwZn2.
chrisalibby
commented
5 years ago I am noticing a similar problem. The XML output contains an extra
<?xml version="1.0" ?>
<!DOCTYPE niktoscan SYSTEM "/var/lib/nikto/docs/nikto.dtd">
<niktoscan>
<niktoscan>
<scandetails >
<item >
</item>
</scandetails>
</niktoscan>
</niktoscan>
sullo
commented
3 years ago The updated XML format is only slightly different than before. TLDR; The outermost <niktoscan> elements have been updated as <niktoscans>. This required the order of report opening to change.
The new schema is, essentially:
<niktoscans> # Wrapper for this invocation of Nikto
<niktoscan> # Scan of one host (ip+name+port+protocol); multiple allowed
<scandetails> # Details of the scan
<item></item> # Scan item (finding); mulitple allowed
</scandetails> # Closing Details of the scan
</niktoscan> # Closing Scan of one host
</niktoscans> # Closing the Wrapper for this invocation of NiktoClosed with #670
Hi
I'm having trouble with the XML reports. For example a command like this results in an invalid XML file:
nikto -p 80 -h file_of_http_hosts.txt -Format XML -o nikto_output_http_hosts.xml
When trying to import this into Metasploit I receive this error:
msf > db_import lnikto_output_http_hosts.xml [*] Importing 'Nikto XML' data [-] Failed to import /nikto_output_http_hosts.xml due to malformed XML: [-] REXML::ParseException: No close tag for /niktoscan/niktoscan/niktoscan/niktoscan/niktoscan/niktoscan/niktoscan/niktoscan[2]/niktoscan/niktoscan/niktoscan/niktoscan/niktoscan/niktoscan/niktoscan[3]/niktoscan/niktoscan/niktoscan/niktoscan/niktoscan/niktoscan Line: 4676 Position: 259370 Last 80 unconsumed characters:
I've tried checking the XML file with a third party tool, and it too found it was invalid XML
Any ideas as to how this could be resolved?
Thanks