Config Variables

sullo edited this page Aug 14, 2018 · 17 revisions

The configuration files are formatted like a standard Unix configuration file: blank lines are ignored, any line starting with a # is ignored, and variables are set with a VariableName=Value line.

CLIOPTS

Default options that should always be passed to the command line. For example:

CLIOPTS=-output results.txt -Format text

Default Setting

CLIOPTS=

NIKTODTD

Path to the location of the DTD used for XML output. If the path is not absolute then it will be relative to the directory where Nikto is executed.

Default Setting

NIKTODTD=docs/nikto.dtd

RFIURL

Full URL to a file for remote file inclusion. This file should contain a call to phpinfo(), as Nikto will look for the output of that command to determine that the RFI succeeded. You may use the default cirt.net file, but please keep in mind that there must be connectivity from the target server to cirt.net, that the test is subject to cirt.net's availability, and that successful requests will be logged (by Apache). We recommend you use your own.

Default Setting

RFIURL=http://cirt.net/rfiinc.txt?

SKIPPORTS

This configuration item defines ports that will never be scanned by Nikto.

Default Setting

SKIPPORTS=21 111

SKIPIDS

Contains a space-separated list of Test IDs (tids) that Nikto will not run on the system, for example:

SKIPIDS=000045 000345

Note: this filter only applies to tests in the db_tests database.

Default Setting

SKIPIDS=

DEFAULTHTTPVER

Defines the default version of HTTP that Nikto will use, unless superseded by a specific test. Usually keeping this at the default will suffice, though some web servers may only work with later versions of the HTTP protocol.

Default Setting

DEFAULTHTTPVER=1.0

UPDATES

If Nikto's outdated plugin sees a web server it doesn't know of, or a version that is later than that defined in db_outdated, then it will send this information back to cirt.net for inclusion in future versions of Nikto. Server-specific information (e.g. IP addresses or hostnames) is not sent.

This item can be set to one of the below values:

UPDATES=yes

Display each submission and ask for permission before it is sent

UPDATES=no

Do not send any data back to cirt.net

UPDATES=auto

Send data back to cirt.net with no prompting

Default Setting

UPDATES=yes
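
A pre-scan check for the settings above that involve cirt.net, as an added example (not part of Nikto or of the original page). It parses a config using the rules stated at the top of this page and flags an RFIURL on cirt.net, UPDATES=auto, and malformed SKIPPORTS entries. The sample config, the function names and the whitespace handling are assumptions.

```python
from urllib.parse import urlparse

# Constructed sample config (not from a real deployment).
SAMPLE = """\
# local overrides
CLIOPTS=-output results.txt -Format text

RFIURL=http://cirt.net/rfiinc.txt?
SKIPPORTS=21 111 http
UPDATES=auto
"""

def parse_config(text):
    """Blank lines and lines starting with # are ignored; the rest are VariableName=Value."""
    settings = {}
    for raw in text.splitlines():
        line = raw.strip()  # assumption: surrounding whitespace is not significant
        if not line or line.startswith("#"):
            continue
        name, sep, value = line.partition("=")  # split on the first '=' only
        if sep:
            settings[name.strip()] = value.strip()
    return settings

def audit(settings):
    """Return (variable, message) pairs for settings worth reviewing before a scan."""
    findings = []
    host = urlparse(settings.get("RFIURL", "")).hostname or ""
    if host == "cirt.net" or host.endswith(".cirt.net"):
        findings.append(("RFIURL", "points at cirt.net: the target needs connectivity to it "
                         "and successful requests are logged there; host your own file"))
    updates = settings.get("UPDATES")
    if updates == "auto":
        findings.append(("UPDATES", "auto sends data to cirt.net with no prompting"))
    elif updates is not None and updates not in ("yes", "no"):
        findings.append(("UPDATES", f"unknown value {updates!r}; expected yes, no or auto"))
    for port in settings.get("SKIPPORTS", "").split():
        # Ports are space-separated decimal numbers in the range 1-65535.
        if not (port.isascii() and port.isdigit() and 1 <= int(port) <= 65535):
            findings.append(("SKIPPORTS", f"{port!r} is not a valid port number"))
    return findings

if __name__ == "__main__":
    for variable, message in audit(parse_config(SAMPLE)):
        print(f"{variable}: {message}")
```
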