Nikto XML import fails


#1

Hi there, when I try to import Nikto results (XML), I have an error message:
No scan results were detected in the uploaded file (/nikto/niktoscan/scandetails). Ensure you uploaded a Nikto XML report.

My Nikto XML seems right and the file is uploaded successfully, any idea? It works for nmap.

Thanks for your advice


#2

Hi @jeffz, what version of Dradis and what version of Nikto?

Can you share the first few tags in your Nikto XML results file please?


#3

Hello @etd,
Dradis version is V9.9.0 and Nikto is 2.1.6. Don’t know if it is relevant but nikto_report_xml.plugin is 2.06.
Here is the start of my xml. Thanks very much.

<?xml version="1.0" ?>

#4

@etd, sorry code seemed to be deleted

<?xml version="1.0" ?>
<!DOCTYPE niktoscan SYSTEM "docs/nikto.dtd">
<niktoscan>
<item id="000029" osvdbid="0" osvdblink="http://osvdb.org/0" method="">
<description><![CDATA[No web server found on xxx.xxx.xxx.xxx:80]]></description>
<uri><![CDATA[]]></uri>
<namelink><![CDATA[https://xxx.xxx.xxx.xxx:80]]></namelink>
<iplink><![CDATA[https://xxx.xxx.xxx.xxx:80]]></iplink>
</item>

<item id="000029" osvdbid="0" osvdblink="http://osvdb.org/0" method="">
<description><![CDATA[No web server found on xxx.xxx.xxx.xxx:80]]></description>
<uri><![CDATA[]]></uri>
<namelink><![CDATA[https://xxx.xxx.xxx.xxx:80]]></namelink>
<iplink><![CDATA[https://xxx.xxx.xxx.xxx:80]]></iplink>
</item>

<item id="000029" osvdbid="0" osvdblink="http://osvdb.org/0" method="">
<description><![CDATA[No web server found on xxx.xxx.xxx.xxx:80]]></description>
<uri><![CDATA[]]></uri>
<namelink><![CDATA[https://xxx.xxx.xxx.xxx:80]]></namelink>
<iplink><![CDATA[https://xxx.xxx.xxx.xxx:80]]></iplink>
</item>

<niktoscan hoststest="0" options="-h /root/xxx/parsed-ips/http-hosts.txt -p 80 -output /root/xxx/nikto/nikto_http_host.xml" version="2.1.6" scanstart="Tue Jun 19 21:08:21 2018" scanend="Thu Jan  1 00:00:00 1970" scanelapsed=" seconds" nxmlversion="1.2">

<scandetails targetip="xxx.xxx.xxx.xxx" targethostname="xxx.xxx.xxx.xxx" targetport="80" targetbanner="Apache/2.4.9 (Win64) OpenSSL/1.0.1g PHP/5.5.12" starttime="2018-06-19 21:31:45" sitename="http://xxx.xxx.xxx.xxx:80/" siteip="http://xxx.xxx.xxx.xxx:80/" hostheader="xxx.xxx.xxx.xxx" errors="0" checks="6869">


<item id="999957" osvdbid="0" osvdblink="http://osvdb.org/0" method="GET">
<description><![CDATA[The anti-clickjacking X-Frame-Options header is not present.]]></description>
<uri><![CDATA[/]]></uri>
<namelink><![CDATA[http://xxx.xxx.xxx.xxx:80/]]></namelink>
<iplink><![CDATA[http://xxx.xxx.xxx.xxx:80/]]></iplink>
</item>

<item id="999102" osvdbid="0" osvdblink="http://osvdb.org/0" method="GET">
<description><![CDATA[The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS]]></description>
<uri><![CDATA[/]]></uri>
<namelink><![CDATA[http://xxx.xxx.xxx.xxx:80/]]></namelink>
<iplink><![CDATA[http://xxx.xxx.xxx.xxx:80/]]></iplink>
</item>

#5

@jeffz, I’m really sorry about the delay! I’m not sure what’s going on with your Nikto scan but it’s not in the format that our importer is expecting. Is that output straight from Nikto or did you do some cut/paste/deleting before putting the snippet up here? I ask because the snippet you gave has two opening <niktoscan> tags and starts listing <item> tags without a <scandetails> tag first. Dradis is expecting a specific nesting of the tags like this:

<niktoscan>
    <scandetails>
        <item id>

Examples on GitHub: https://github.com/dradis/dradis-nikto/blob/master/spec/fixtures/files/localhost.xml

If I nest the tags as expected on your sample, it uploads as expected!

<?xml version="1.0" ?>
<!DOCTYPE niktoscan SYSTEM "docs/nikto.dtd">

<niktoscan hoststest="0" options="-h /root/xxx/parsed-ips/http-hosts.txt -p 80 -output /root/xxx/nikto/nikto_http_host.xml" version="2.1.6" scanstart="Tue Jun 19 21:08:21 2018" scanend="Thu Jan  1 00:00:00 1970" scanelapsed=" seconds" nxmlversion="1.2">

<scandetails targetip="xxx.xxx.xxx.xxx" targethostname="xxx.xxx.xxx.xxx" targetport="80" targetbanner="Apache/2.4.9 (Win64) OpenSSL/1.0.1g PHP/5.5.12" starttime="2018-06-19 21:31:45" sitename="http://xxx.xxx.xxx.xxx:80/" siteip="http://xxx.xxx.xxx.xxx:80/" hostheader="xxx.xxx.xxx.xxx" errors="0" checks="6869">


<item id="999957" osvdbid="0" osvdblink="http://osvdb.org/0" method="GET">
<description><![CDATA[The anti-clickjacking X-Frame-Options header is not present.]]></description>
<uri><![CDATA[/]]></uri>
<namelink><![CDATA[http://xxx.xxx.xxx.xxx:80/]]></namelink>
<iplink><![CDATA[http://xxx.xxx.xxx.xxx:80/]]></iplink>
</item>

<item id="999102" osvdbid="0" osvdblink="http://osvdb.org/0" method="GET">
<description><![CDATA[The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS]]></description>
<uri><![CDATA[/]]></uri>
<namelink><![CDATA[http://xxx.xxx.xxx.xxx:80/]]></namelink>
<iplink><![CDATA[http://xxx.xxx.xxx.xxx:80/]]></iplink>
</item>
</scandetails>
</niktoscan>

Can you confirm if the XML straight out of Nikto is formatted with these missing/differently-nested tags? If so, we’ll need to upload our parser. I’d very much appreciate any sample files you could share with us! DM me if you can send any.
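
A pre-import check for the nesting described in post #5 (`niktoscan` > `scandetails` > `item`), as an added example that is not part of the original thread and is not Dradis's own importer code. It uses a tolerant tag scanner instead of an XML parser because the file in post #4 is not well-formed; the function name and the two sample documents are constructed for illustration.

```python
import re

# CDATA, comments, processing instructions and DOCTYPE carry no element nesting.
SKIP = re.compile(r"<!\[CDATA\[.*?\]\]>|<!--.*?-->|<\?.*?\?>|<!DOCTYPE[^>]*>", re.S)
TAG = re.compile(r"""<(/?)([A-Za-z_][\w.-]*)((?:"[^"]*"|'[^']*'|[^>"'])*?)(/?)>""")
# Parent each element must have, per the nesting described in post #5.
REQUIRED_PARENT = {"scandetails": "niktoscan", "item": "scandetails"}

# Constructed samples shaped like post #4 (broken) and post #5 (re-nested).
DECL = '<?xml version="1.0" ?>\n<!DOCTYPE niktoscan SYSTEM "docs/nikto.dtd">\n'
ITEM = '<item id="999957" method="GET">\n<uri><![CDATA[/]]></uri>\n</item>\n'
OPEN = '<niktoscan version="2.1.6">\n<scandetails targetport="80">\n'
BROKEN = DECL + "<niktoscan>\n" + ITEM + OPEN + ITEM
FIXED = DECL + OPEN + ITEM + "</scandetails>\n</niktoscan>\n"


def check_nikto_nesting(xml_text):
    """Return a list of (line, message) nesting problems; empty means OK."""
    # Blank out skipped regions but keep newlines so line numbers stay right.
    text = SKIP.sub(lambda m: re.sub(r"[^\n]", " ", m.group()), xml_text)
    problems, stack = [], []
    for m in TAG.finditer(text):
        closing, name, _attrs, self_closing = m.groups()
        line = text.count("\n", 0, m.start()) + 1
        if closing:
            if name in stack:
                # Pop to the matching opener; anything above it was left open.
                while stack[-1] != name:
                    problems.append((line, f"<{stack.pop()}> not closed before </{name}>"))
                stack.pop()
            else:
                problems.append((line, f"</{name}> has no matching opening tag"))
            continue
        if name == "niktoscan" and "niktoscan" in stack:
            problems.append((line, "second <niktoscan> opened inside the first"))
        want = REQUIRED_PARENT.get(name)
        parent = stack[-1] if stack else None
        if want and parent != want:
            problems.append((line, f"<{name}> has parent {parent!r}, expected {want!r}"))
        if not self_closing:
            stack.append(name)
    return problems + [(None, f"<{n}> never closed") for n in reversed(stack)]


if __name__ == "__main__":
    for line, msg in check_nikto_nesting(BROKEN):
        print(f"line {line}: {msg}" if line else msg)
```

Running it on a report before upload points at the offending line, which is more specific than the importer's "No scan results were detected" message.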