4.6. Using LibWhisker LibWhisker is the Perl module Nikto relies on for its core functionality. At the time of this writing, the current Nikto version ships with LibWhisker 1.7. In general you will not need to use more than a handful of LibWhisker routines. Keep in mind they are all available and have very powerful features, such as crawling, NT Lan Man (NTLM) authentication support, hashing, and encoding. The names of the 69 exported routines are detailed here to help you understand the kind of functionality they provide. You can generate a very detailed manual of these routines from LibWhisker itself. To do this, uncompress LibWhisker and run the following commands: $cd libwhisker-1.8/scripts/ $perl func2html.pl < ../LW.pm > LW.pod.htm Here are the routines LibWhisker exports: - anti_ids
| - forms_read
| - multipart_setfile
| - auth_brute_force
| - forms_write
| - multipart_write
| - auth_set_header
| - get_page
| - ntlm_client
| - bruteurl
| - get_page_hash
| - ntlm_new
| - cookie_get
| - get_page_to_file
| - upload_file
| - cookie_parse
| - html_find_tags
| - utils_absolute_uri
| - cookie_read
| - http_do_request
| - utils_array_shuffle
| - cookie_set
| - http_do_request_ex
| - utils_find_lowercase_key
| - cookie_write
| - http_fixup_request
| - utils_get_dir
| - crawl
| - http_init_request
| - utils_getline
| - crawl_get_config
| - http_reset
| - utils_getline_crlf
| - crawl_set_config
| - md4
| - utils_getopts
| - decode_base64
| - md4_perl
| - utils_join_uri
| - decode_base64_perl
| - md5
| - utils_lowercase_hashkeys
| - do_auth
| - md5_perl
| - utils_lowercase_heades
| - download_file
| - multipart_boundary
| - utils_normalize_uri
| - dumper
| - multipart_files_list
| - utils_port_open
| - dumper_writefile
| - multipart_get
| - utils_randstr
| - encode_base64
| - multipart_getfile
| - utils_recperm
| - encode_base64_perl
| - multipart_params_list
| - utils_save_page
| - encode_str2ruri
| - multipart_read
| - utils_split_uri
| - encode_str2uri
| - multipart_read_data
| - utils_text_wrapper
| - encode_unicode
| - multipart_set
| - utils_unidecode_ur
|
In addition to the LibWhisker routines, plug-in developers can also use routines provided by the nikto_core plug-in. Many of these routines are meant for one-time use or for internal use only. Here are the common routines from LibWhisker and nikto_core that are frequently used by the existing plug-ins, along with a brief description of each:
- fetch
-
This takes two parameters, and an optional third parameter. The first parameter is the full path of a file that is to be requested. The second parameter is the HTTP method to use for the request. The optional third parameter is any POST data for the request. The routine makes an HTTP request and returns two scalars. The first returned value is the response code number and the second is the data returned. This routine will make the request using the LibWhisker parameters set by Nikto, so the host that is currently being scanned is where the request will be sent.
- parse_csv
-
This takes a single string of comma-separated values as a parameter and returns an array of those items without the commas.
- nprint
-
This takes one required parameter, and one optional parameter. The required parameter is the string to send to output (output depends on what was specified on the command line). The optional parameter prints only if Nikto is run in verbose or debug mode.
- char_escape
-
This takes one string parameter, escapes all nonalphanumeric characters in it with the \ character before them, and returns the result. If you need a higher level of control over the HTTP requests, you can use the LibWhisker routines. The most commonly used routines for plug-ins are summarized next. The LibWhisker request hash $request{'whisker'} has many values you can set to control the request. These should be returned to their original values if they are changed within a plug-in. See the nikto_headers plug-in as an example of how to do this correctly.
- LW::http_do_request
-
This takes two parameters: a request hash and a response hash that will be populated accordingly. An optional third parameter is a LibWhisker configs hash. The routine does the work of the actual HTTP request. It returns 0 on success and a nonzero value on error.
- LW::http_fixup_request
-
This makes sure the request conforms to the HTTP standard. It should be called immediately prior to http_do_request. It takes the request hash as the only parameter.
- LW::http_reset
-
This resets internal LibWhisker caches and closes existing connections.
- LW::utils_get_dir
-
This takes in a URI as a parameter and returns the base directory, similar to the dirname command on Linux systems.
- LW::utils_normalize_uri
-
This takes one parameter and corrects any ./ or ../ sequences to get a final, absolute URL.
- LW::auth_set_header
-
This sets authorization information in the request hash. It takes four required parameters and one optional parameter. The first parameter is either ntlm or basic, the second is the request hash, the third and fourth are the username and password, and the optional parameter is the domain (for ntlm auth). |