nikto and openvas

**diegosales** · 09-24-2012

I have been using openvas to check webservers vulnerabilities. Here is aone of the reportś answers:

Nikto could not be found in your system path.
OpenVAS was unable to execute Nikto and to perform the scan you
requested.
Please make sure that Nikto is installed and that nikto.pl or nikto is
available in the PATH variable defined for your environment.

I have installed nikto in thhe openvas server, but whenever it starts a new scan, this message appears...

Help me

***atreyu*** · 10-01-2012

try putting a symlink to your nikto.pl perl script in a directory used by the PATH of whatever OpenVAS is, e.g.:

Code:

ln -s /path/to/nikto.pl /usr/local/bin/nikto.pl

**diegosales** · 10-01-2012

Hi,

My nikto script, nikto.pl, is at /etc/openvas. So, how could it be this symlink? I´m just a beginner...

Thanks

**devils casper** · 10-01-2012

Code:

ln -s /etc/openvas/nikto.pl /usr/local/bin/nikto.pl

***atreyu*** · 10-02-2012

Originally Posted by diegosales

Hi,

My nikto script, nikto.pl, is at /etc/openvas. So, how could it be this symlink? I´m just a beginner...

Thanks

just curious, how did you install nikto? There is a nikto package available in Debian's sources, and I would think that it would be smart enough to install itself in such a way that it could be found by other programs. I.e., it is odd that your script is in an /etc/ dir.

to install the package via apt-get:

Code:

apt-get install nikto

okay, curiosity got the better of me: i downloaded this nikto package (for Sid unstable) and uncompress it: the nikto Perl script is installed as /usr/bin/nikto, so I think that is the way you should go.

**diegosales** · 10-02-2012

Thanks, man. It did work. There is another issue. In the report says:
wapiti report filename is empty, that could mean that wrong version of wapiti is used or tmp dir is not accessible. Make sure to have wapiti 2.x as wapiti 1.x is not supported. In short: check instalation of wapiti and Openvas.

I ran the script openvas check setup and everything is ok.

There are other messages like: Arachni could not be found in your system Path. I tried to install it, but the packet was not found.

***atreyu*** · 10-02-2012

Originally Posted by diegosales

There is another issue. In the report says:
wapiti report filename is empty, that could mean that wrong version of wapiti is used or tmp dir is not accessible. Make sure to have wapiti 2.x as wapiti 1.x is not supported. In short: check instalation of wapiti and Openvas.

I ran the script openvas check setup and everything is ok.

So do you have wapiti installed? If so, what version and how did you install it? I see that Debian only has version 1.1.6 available.

You can check out the following thread on getting wapiti 2x working w/openvas:

[SOLVED] Wapiti security tool fails to run with Openvas

There are other messages like: Arachni could not be found in your system Path. I tried to install it, but the packet was not found.

How did you try to install Arachni, and was it successful? The Arachni Scanner homepage provides a CDE package for Linux, whatever the hell that is. What exactly is saying "the packet was not found"?

**diegosales** · 10-03-2012

Arachni is o.k.

I have to find a way to install wapiti 2.x

Is there a significant difference between them??? One is enough?

***atreyu*** · 10-03-2012

Originally Posted by diegosales

Arachni is o.k.

I have to find a way to install wapiti 2.x

Is there a significant difference between them??? One is enough?

i don't know anything about either of them, i was just trying to help you install them. Follow the link I supplied in my previous post to get wapiti 2.x going.

**diegosales** · 10-03-2012

I could not install wapiti 2.x. The link you sent me to download wapiti is broken... and I cannot finfd anywhere else...

but thanks anyway

Thread Tools

Display

nikto and openvas

Posting Permissions