4.6. Using LibWhisker
LibWhisker is the Perl module Nikto
relies on for its core functionality. At the time of this writing,
the current Nikto version ships with LibWhisker 1.7. In general you
will not need to use more than a handful of LibWhisker routines. Keep
in mind they are all available and have very powerful features, such
as crawling, NT Lan Man (NTLM) authentication support, hashing, and
encoding. The names of the 69 exported routines are detailed here to
help you understand the kind of functionality they provide. You can
generate a very detailed manual of these routines from LibWhisker
itself. To do this, uncompress LibWhisker and run the following
commands: $cd libwhisker-1.8/scripts/
$perl funcl.pl < ../LW.pm > LW.pod Here are the
routines
LibWhisker exports:
|
anti_ids
|
forms_read
|
multipart_setfile
| |
auth_brute_force
|
forms_write
|
multipart_write
| |
auth_set_header
|
get_page
|
ntlm_client
| |
bruteurl
|
get_page_hash
|
ntlm_new
| |
cookie_get
|
get_page_to_file
|
upload_file
| |
cookie_parse
|
|
utils_absolute_uri
| |
cookie_read
|
http_do_request
|
utils_array_shuffle
| |
cookie_set
|
http_do_request_ex
|
utils_find_lowercase_key
| |
cookie_write
|
http_fixup_request
|
utils_get_dir
| |
crawl
|
http_init_request
|
utils_getline
| |
crawl_get_config
|
http_reset
|
utils_getline_crlf
| |
crawl_set_config
|
md4
|
utils_getopts
| |
decode_base64
|
md4_perl
|
utils_join_uri
| |
decode_base64_perl
|
md5
|
utils_lowercase_hashkeys
| |
do_auth
|
md5_perl
|
utils_lowercase_heades
| |
download_file
|
multipart_boundary
|
utils_normalize_uri
| |
dumper
|
multipart_files_list
|
utils_port_open
| |
dumper_writefile
|
multipart_get
|
utils_randstr
| |
encode_base64
|
multipart_getfile
|
utils_recperm
| |
encode_base64_perl
|
multipart_params_list
|
utils_save_page
| |
encode_str2ruri
|
multipart_read
|
utils_split_uri
| |
encode_str2uri
|
multipart_read_data
|
utils_text_wrapper
| |
encode_unicode
|
multipart_set
|
utils_unidecode_ur
| In addition to the LibWhisker routines, plug-in developers can also
use
routines
provided by the nikto_core plug-in. Many of these
routines are meant for one-time use or for internal use only. Here
are the common routines from LibWhisker and
nikto_core that are frequently used by the
existing plug-ins, along with a brief description of each:
fetch
This takes two
parameters, and an optional third parameter. The first parameter is
the full path of a file that is to be requested. The second parameter
is the HTTP method to use for the request. The optional third
parameter is any POST data for the request. The
routine makes an HTTP request and returns two scalars. The first
returned value is the response code number and the second is the data
returned. This routine will make the request using the LibWhisker
parameters set by Nikto, so the host that is currently being scanned
is where the request will be sent.
parse_csv
This takes a single string of comma-separated values as a parameter
and returns an array of those items without the commas.
nprint
This takes one required parameter, and one optional parameter. The
required parameter is the string to send to output (output depends on
what was specified on the command line). The optional parameter
prints only if Nikto is run in verbose or debug mode.
char_escape
This takes one string parameter, escapes all nonalphanumeric
characters in it with the \ character before them,
and returns the result.
If you need a higher level of control over the
HTTP requests, you can use the
LibWhisker routines. The most commonly used routines for plug-ins are
summarized next. The LibWhisker request hash
$request{'whisker'} has many values you can set to
control the request. These should be returned to their original
values if they are changed within a plug-in. See the
nikto_headers plug-in as an example of how to do
this correctly.
LW::http_do_request
This takes two parameters: a request hash and a response hash that
will be populated accordingly. An optional third parameter is a
LibWhisker configs hash. The routine does the work of the actual HTTP
request. It returns 0 on success and a nonzero
value on error.
LW::http_fixup_request
This makes sure the request conforms to the HTTP standard. It should
be called immediately prior to
http_do_request. It takes the request hash as the only
parameter.
LW::http_reset
This resets internal LibWhisker caches and closes existing
connections.
LW::utils_get_dir
This takes in a URI as a parameter and returns the base directory,
similar to the dirname command on Linux systems.
LW::utils_normalize_uri
This takes one parameter and corrects any ./ or
../ sequences to get a final, absolute URL.
LW::auth_set_header
This sets authorization information in the request hash. It takes
four required parameters and one optional parameter. The first
parameter is either ntlm or
basic, the second is the request hash, the third
and fourth are the username and password, and the optional parameter
is the domain (for ntlm
auth).
|