Section 4.6. Using LibWhisker


4.6. Using LibWhisker

LibWhisker is the Perl module Nikto relies on for its core functionality. At the time of this writing, the current Nikto version ships with LibWhisker 1.7. In general you will not need to use more than a handful of LibWhisker routines. Keep in mind they are all available and have very powerful features, such as crawling, NT Lan Man (NTLM) authentication support, hashing, and encoding. The names of the 69 exported routines are detailed here to help you understand the kind of functionality they provide. You can generate a very detailed manual of these routines from LibWhisker itself. To do this, uncompress LibWhisker and run the following commands:

$cd libwhisker-1.8/scripts/ $perl func2html.pl < ../LW.pm > LW.pod.htm

Here are the routines LibWhisker exports:

anti_ids
forms_read
multipart_setfile
auth_brute_force
forms_write
multipart_write
auth_set_header
get_page
ntlm_client
bruteurl
get_page_hash
ntlm_new
cookie_get
get_page_to_file
upload_file
cookie_parse
html_find_tags
utils_absolute_uri
cookie_read
http_do_request
utils_array_shuffle
cookie_set
http_do_request_ex
utils_find_lowercase_key
cookie_write
http_fixup_request
utils_get_dir
crawl
http_init_request
utils_getline
crawl_get_config
http_reset
utils_getline_crlf
crawl_set_config
md4
utils_getopts
decode_base64
md4_perl
utils_join_uri
decode_base64_perl
md5
utils_lowercase_hashkeys
do_auth
md5_perl
utils_lowercase_heades
download_file
multipart_boundary
utils_normalize_uri
dumper
multipart_files_list
utils_port_open
dumper_writefile
multipart_get
utils_randstr
encode_base64
multipart_getfile
utils_recperm
encode_base64_perl
multipart_params_list
utils_save_page
encode_str2ruri
multipart_read
utils_split_uri
encode_str2uri
multipart_read_data
utils_text_wrapper
encode_unicode
multipart_set
utils_unidecode_ur


In addition to the LibWhisker routines, plug-in developers can also use routines provided by the nikto_core plug-in. Many of these routines are meant for one-time use or for internal use only. Here are the common routines from LibWhisker and nikto_core that are frequently used by the existing plug-ins, along with a brief description of each:


fetch

This takes two parameters, and an optional third parameter. The first parameter is the full path of a file that is to be requested. The second parameter is the HTTP method to use for the request. The optional third parameter is any POST data for the request. The routine makes an HTTP request and returns two scalars. The first returned value is the response code number and the second is the data returned. This routine will make the request using the LibWhisker parameters set by Nikto, so the host that is currently being scanned is where the request will be sent.


parse_csv

This takes a single string of comma-separated values as a parameter and returns an array of those items without the commas.


nprint

This takes one required parameter, and one optional parameter. The required parameter is the string to send to output (output depends on what was specified on the command line). The optional parameter prints only if Nikto is run in verbose or debug mode.


char_escape

This takes one string parameter, escapes all nonalphanumeric characters in it with the \ character before them, and returns the result.

If you need a higher level of control over the HTTP requests, you can use the LibWhisker routines. The most commonly used routines for plug-ins are summarized next. The LibWhisker request hash $request{'whisker'} has many values you can set to control the request. These should be returned to their original values if they are changed within a plug-in. See the nikto_headers plug-in as an example of how to do this correctly.


LW::http_do_request

This takes two parameters: a request hash and a response hash that will be populated accordingly. An optional third parameter is a LibWhisker configs hash. The routine does the work of the actual HTTP request. It returns 0 on success and a nonzero value on error.


LW::http_fixup_request

This makes sure the request conforms to the HTTP standard. It should be called immediately prior to http_do_request. It takes the request hash as the only parameter.


LW::http_reset

This resets internal LibWhisker caches and closes existing connections.


LW::utils_get_dir

This takes in a URI as a parameter and returns the base directory, similar to the dirname command on Linux systems.


LW::utils_normalize_uri

This takes one parameter and corrects any ./ or ../ sequences to get a final, absolute URL.


LW::auth_set_header

This sets authorization information in the request hash. It takes four required parameters and one optional parameter. The first parameter is either ntlm or basic, the second is the request hash, the third and fourth are the username and password, and the optional parameter is the domain (for ntlm auth).



Network Security Tools
Network Security Tools: Writing, Hacking, and Modifying Security Tools
ISBN: 0596007949
EAN: 2147483647
Year: 2006
Pages: 110

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net