Nessus and Nikto

Viewing 5 reply threads
  • Author
    Posts
    • #8441
      Seen
      Participant

      I’ve been trying to integrate Nessus and Nikto.  I’ve followed all the instructions on this video:

      http://www.youtube.com/watch?v=6kHyAhFv7xg

      But when I run the scan nothing seems to happen.  Meaning no new vulnerabilities appear compared to a Nessus scan that doesn’t have Nikto enabled.

      The only information I was able to find in nessusd.messages was the following:


      launching nikto.nasl against 192.168.0.125 [1251]
      nikto.nasl (process 1251) finished its job in 0.010 seconds

      This seems incredibly fast compared to running Nikto from the command line, which works fine.  Does anyone have any ideas on how to get this working, or where on my system I could check to find additional information on what is happening?

      I’m running CentOS 6.4 x64 and Nessus 5.2.

      Thanks.

    • #52958
      m0wgli
      Participant

      I don’t know if this will help you or not, but, I found this thread on the Nessus forum.

    • #52959
      Seen
      Participant

      Looking at the audit trail, I see the following message:

      Nikto was not found in $PATH

      When logged in as root or a normal user Nikto is in my path.  Is there anyway to view the path nessus is using?  Or is there a system path I can change?  Thoughts?

    • #52960
      cyber.spirit
      Participant

      i can’t watch that movie IDK why anyway:

      is network established between you and the target? can you ping it?
      Can you scan the target with nmap?

      Is your target on internet? if it is:
      Are you behind any firewall? If you are, try this scan:

      nmap --scanflags SYNFIN 

      This may bypass the firewall.
      Always scan the server using IP address because they may implemented network load balancing so you may scan different servers each and every time.

      Is your target in a virtual lab? if it is:
      Make sure that you attack system and server are using a same network adapter otherwise they can’t connect to each other.
      check your IP addresses for both systems

      i hope this info can be helpful if not tell me i will watch the vidoe.

    • #52961
      Seen
      Participant

      @Cyber.spirit wrote:

      i can’t watch that movie IDK why anyway:

      is network established between you and the target? can you ping it?
      Can you scan the target with nmap?

      Is your target on internet? if it is:
      Are you behind any firewall? If you are, try this scan:

      nmap --scanflags SYNFIN 

      This may bypass the firewall.
      Always scan the server using IP address because they may implemented network load balancing so you may scan different servers each and every time.

      Is your target in a virtual lab? if it is:
      Make sure that you attack system and server are using a same network adapter otherwise they can’t connect to each other.
      check your IP addresses for both systems

      i hope this info can be helpful if not tell me i will watch the vidoe.

      ????

    • #52962
      BillV
      Participant

      What user is nessus running as? Make sure the profile for that user has nikto in the path.

Viewing 5 reply threads
  • You must be logged in to reply to this topic.

Copyright ©2021 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?