Andres, Am 23.02.12 20:31, schrieb Andres Riancho: > Johannes , > > On Wed, Feb 22, 2012 at 9:07 PM, Johannes Weberhofer > <jweberho...@weberhofer.at> wrote: >> Andres, >> >> Am 22.02.12 21:20, schrieb Andres Riancho: >>> >>> Johannes, >>> >>> On Wed, Feb 22, 2012 at 4:48 PM, Johannes Weberhofer >>> <jweberho...@weberhofer.at> wrote: >>>> >>>> Andres, >>>> >>>> can this file be complied from the files that are coming with an >>>> installed >>>> nikto rpm? It is allowed to distribute the files with nikto, so I could >>>> write a script to copy/compile/link the file in case the lines can be >>>> selected by a rule!? >>> >>> >>> I'm not sure what you're saying. w3af uses 100% of the lines in scan >>> database not only a few of them. >>> >> >> In nikto/plugins I find the following databases: >> >> db_httpoptions >> db_subdomains >> db_404_strings >> db_multiple_index >> db_tests >> db_embedded >> db_outdated >> db_variables >> >> It is allowed to distribute those with the nikto rpm-package, as the >> copyright says: "This file may only be distributed and used with the full >> Nikto package." >> >> My idea is, to combine those to the scan_database.db file in the >> setup-script. But I do not know, if that will result in the lines contained >> in scan_database.db, as I do not really know, how this has been assembled... > > Nope, it's not the same stuff. What I would do in your position is > fairly simple, the package generation script for Suse should REMOVE > the scandatabase and the pykto.py plugin. With that we loose some > features, but nothing major. The only issue that this may bring is > that some profiles (see profiles/ directory) reference the pykto > plugin and might show an error when loading. It would be possible to > remove those references as well since the profiles are simply text > files. > > Regards, >
I see. After some research I have found the required files are located at http://cirt.net/nikto/UPDATES/1.36/ . So I will include a script, which downloads the required files in the case a internet connection is available. That's a clean way. Johannes >> >> Johannes >> >>>> >>>> Am 20.02.12 23:55, schrieb Andres Riancho: >>>> >>>>> Johannes, >>>>> >>>>> On Mon, Feb 20, 2012 at 1:01 PM, Johannes Weberhofer >>>>> <jweberho...@weberhofer.at> wrote: >>>>>> >>>>>> >>>>>> Dear all, >>>>>> >>>>>> there is a licensing issue with the file >>>>>> plugins/discovery/pykto/scan_database.db . >>>>>> >>>>>> Is there a permission to distribute this file? >>>>> >>>>> >>>>> >>>>> Sadly no, that's why debian packagers removed the pykto plugin and the >>>>> databse >>>>> >>>>>> It seems to be derived from the nikto tool. There has already been an >>>>>> discussion about that: >>>>>> http://attrition.org/pipermail/nikto-discuss/2009-March/000140.html >>>>>> >>>>>> I don't know, which parts of the database are included in the above >>>>>> mentioned files. But is there a way, to use the databases from the >>>>>> nikto >>>>>> packages instead of the included ones? Which databases can be used? >>>>>> Upon >>>>>> packaging, it would be possible to symlink or compile some of >>>>>> the original files... >>>>>> >>>>>> Best regards, >>>>>> Johannes Weberhofer >>>>>> >>>>>> >>>>>> -- >>>>>> Johannes Weberhofer >>>>>> Weberhofer GmbH, Austria, Vienna >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> ------------------------------------------------------------------------------ >>>>>> Try before you buy = See our experts in action! >>>>>> The most comprehensive online learning library for Microsoft developers >>>>>> is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, >>>>>> MVC3, >>>>>> Metro Style Apps, more. Free future releases when you subscribe now! >>>>>> http://p.sf.net/sfu/learndevnow-dev2 >>>>>> _______________________________________________ >>>>>> W3af-develop mailing list >>>>>> W3af-develop@lists.sourceforge.net >>>>>> https://lists.sourceforge.net/lists/listinfo/w3af-develop >>>>> >>>>> >>>>> >>>>> >>>>> >>>> >>>> -- >>>> Johannes Weberhofer >>>> Weberhofer GmbH, Austria, Vienna >>> >>> >>> >>> >> >> -- >> Johannes Weberhofer >> Weberhofer GmbH, Austria, Vienna > > > -- Johannes Weberhofer Weberhofer GmbH, Austria, Vienna ------------------------------------------------------------------------------ Virtualization & Cloud Management Using Capacity Planning Cloud computing makes use of virtualization - but cloud computing also focuses on allowing computing to be delivered as a service. http://www.accelacomm.com/jaw/sfnl/114/51521223/ _______________________________________________ W3af-develop mailing list W3af-develop@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/w3af-develop
