From da7f370617e4ccdcf0c30a4000e8094a8ed03cc0 Mon Sep 17 00:00:00 2001 From: Marco Bonetti Date: Thu, 13 May 2010 00:37:35 +0200 Subject: [PATCH] network/nikto: Updated for version 2.1.1 --- network/nikto/README | 9 +++++ network/nikto/doinst.sh | 22 ++++++++++++ network/nikto/nikto.SlackBuild | 62 ++++++++++++++++++++++++++-------- network/nikto/nikto.diff | 15 ++++++++ network/nikto/nikto.info | 10 +++--- network/nikto/slack-desc | 2 +- network/nikto/slackware.patch | 45 ------------------------ 7 files changed, 100 insertions(+), 65 deletions(-) create mode 100644 network/nikto/doinst.sh create mode 100644 network/nikto/nikto.diff delete mode 100644 network/nikto/slackware.patch diff --git a/network/nikto/README b/network/nikto/README index da70fa3639..1717eb85e8 100644 --- a/network/nikto/README +++ b/network/nikto/README @@ -6,3 +6,12 @@ can be automatically updated (if desired). Nikto requires libwhisker2 and Net-SSLeay perl modules, both of which are available in the SlackBuilds.org repository. + +WARNING: if you're updating from 2.03 to 2.1.0 keep in mind that the +configuration file have been changed from the old location +/etc/nikto/config.txt (a debianism I introduced to work around the config.txt +unspecified location) to the newer, official /etc/nikto.conf. +Speaking of debianism: I removed the symolic link /usr/bin/nikto creation, +upgradepkg will not rm it but newer installs will not have it anymore. If you +like the link and want to retain it in future updates, just uncomment the +needed lines inside the SlackBuild. diff --git a/network/nikto/doinst.sh b/network/nikto/doinst.sh new file mode 100644 index 0000000000..bd63e8f2be --- /dev/null +++ b/network/nikto/doinst.sh @@ -0,0 +1,22 @@ +config() { + NEW="$1" + OLD="$(dirname $NEW)/$(basename $NEW .new)" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then + # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} + +# Keep same perms on nikto.conf: +if [ -e etc/nikto.conf ]; then + cp -a etc/nikto.conf etc/nikto.conf.new.incoming + cat etc/nikto.conf.new > etc/nikto.conf.new.incoming + mv etc/nikto.conf.new.incoming etc/nikto.conf.new +fi + +config etc/nikto.conf.new + diff --git a/network/nikto/nikto.SlackBuild b/network/nikto/nikto.SlackBuild index 07d1c45d1a..12a52624aa 100644 --- a/network/nikto/nikto.SlackBuild +++ b/network/nikto/nikto.SlackBuild @@ -2,7 +2,7 @@ # Slackware build script for Nikto Web Scanner # -# Copyright 2009-2010 Marco Bonetti +# Copyright 2010-2011 Marco Bonetti # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -23,8 +23,8 @@ # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. PRGNAM=nikto -VERSION=${VERSION:-2.03} -ARCH=${ARCH:-noarch} +VERSION=${VERSION:-2.1.1} +ARCH=${ARCH:-i486} BUILD=${BUILD:-1} TAG=${TAG:-_SBo} @@ -35,9 +35,17 @@ OUTPUT=${OUTPUT:-/tmp} DOCS="CHANGES.txt LICENSE.txt nikto_manual.html" +if [ "$ARCH" = "i486" ]; then + LIBDIRSUFFIX="" +elif [ "$ARCH" = "i686" ]; then + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +fi + # Most of the packaging techniques for this strange program comes from Debian # rules file; next time you'll be at the pub with your friendly debianist, -# buy him a beer ;-) - sid77 +# buy him a beer ;-) set -e @@ -46,20 +54,42 @@ mkdir -p $TMP $PKG $OUTPUT cd $TMP rm -rf $PRGNAM tar xvf $CWD/$PRGNAM-$VERSION.tar.bz2 -cd $PRGNAM +cd $PRGNAM-$VERSION chown -R root:root . -# Fix nmap path, remove shipped libwhisker2 dependency and more -patch -p1 < $CWD/slackware.patch +# Fix nikto.pl paths +patch -p1 --verbose < $CWD/nikto.diff +## Fix config.txt (keeping two patches a time sux, but they're simple and I +# think that using sed here will just be worst) +#patch -p1 --verbose < $CWD/patches/config$LIBDIRSUFFIX.diff +# sed is better, really :-P +sed -i -e "s:/usr/local/bin/nmap:/usr/bin/nmap:g" nikto.conf +sed -i -e "s:# EXECDIR=/usr/local/nikto:EXECDIR=/usr/lib$LIBDIRSUFFIX/nikto:g" nikto.conf + +# Install the program. Revert back to nikto.pl as it looks like the official +# name, at least OpenVAS looks for it instead of the debianized nikto ;-) +install -d \ + $PKG/etc/ \ + $PKG/usr/bin/ \ + $PKG/usr/lib$LIBDIRSUFFIX/nikto/docs/ \ + $PKG/usr/lib$LIBDIRSUFFIX/nikto/plugins/ \ + $PKG/usr/lib$LIBDIRSUFFIX/nikto/templates/ +install -m 0644 nikto.conf $PKG/etc/nikto.conf.new +install -m 0644 docs/CHANGES.txt $PKG/usr/lib$LIBDIRSUFFIX/nikto/docs/ +install -m 0644 plugins/* $PKG/usr/lib$LIBDIRSUFFIX/nikto/plugins/ +install -m 0644 templates/* $PKG/usr/lib$LIBDIRSUFFIX/nikto/templates/ +install -m 0755 nikto.pl $PKG/usr/bin/ + +## However, be compatible with any users' scripts +# No, drop compatibility here: stick as much as possible to the sources. +# This was a debianism I adopted with the first version, however, if you like +# it just uncomment the lines below. +#( cd $PKG/usr/bin +# ln -s nikto.pl nikto +#) -# Install the program -install -d $PKG/etc/nikto/ $PKG/usr/bin/ $PKG/usr/lib/nikto/plugins/ -install -m 0644 config.txt $PKG/etc/nikto/ -install -m 0644 plugins/* $PKG/usr/lib/nikto/plugins/ -install -m 0644 docs/CHANGES.txt $PKG/usr/lib/nikto/plugins/ -install -m 0755 nikto.pl $PKG/usr/bin/nikto # Remove the shipped libwhisker2 -rm -f $PKG/usr/lib/nikto/plugins/LW2.pm +rm -f $PKG/usr/lib$LIBDIRSUFFIX/nikto/plugins/LW2.pm # Copy over important docs and man page mkdir -p $PKG/usr/doc/$PRGNAM-$VERSION @@ -72,6 +102,8 @@ cat $CWD/$PRGNAM.SlackBuild > $PKG/usr/doc/$PRGNAM-$VERSION/$PRGNAM.SlackBuild mkdir -p $PKG/install cat $CWD/slack-desc > $PKG/install/slack-desc +cat $CWD/doinst.sh > $PKG/install/doinst.sh cd $PKG -/sbin/makepkg -l y -c n $OUTPUT/$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.tgz +/sbin/makepkg -l y -c n $OUTPUT/$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.${PKGTYPE:-tgz} + diff --git a/network/nikto/nikto.diff b/network/nikto/nikto.diff new file mode 100644 index 0000000000..ac1f59514f --- /dev/null +++ b/network/nikto/nikto.diff @@ -0,0 +1,15 @@ +diff -Naur nikto-2.1.1.orig/nikto.pl nikto-2.1.1/nikto.pl +--- nikto-2.1.1.orig/nikto.pl 2010-02-02 20:28:54.000000000 +0100 ++++ nikto-2.1.1/nikto.pl 2010-02-05 12:03:17.287685939 +0100 +@@ -85,9 +85,9 @@ + require "$NIKTOCONFIG{'PLUGINDIR'}/nikto_core.plugin"; + nprint("T:$starttime: Starting", "d"); + require "$NIKTOCONFIG{'PLUGINDIR'}/nikto_single.plugin"; +-require "$NIKTOCONFIG{'PLUGINDIR'}/LW2.pm"; ++#require "$NIKTOCONFIG{'PLUGINDIR'}/LW2.pm"; + +-# use LW2; ### Change this line to use a different installed version ++use LW2; ### Change this line to use a different installed version + + ($a, $b) = split(/\./, $LW2::VERSION); + die("- You must use LW2 2.4 or later\n") if ($a != 2 || $b < 4); diff --git a/network/nikto/nikto.info b/network/nikto/nikto.info index 9a7c1ad1f5..16c3892de3 100644 --- a/network/nikto/nikto.info +++ b/network/nikto/nikto.info @@ -1,8 +1,10 @@ PRGNAM="nikto" -VERSION="2.03" +VERSION="2.1.1" HOMEPAGE="http://cirt.net/nikto2" -DOWNLOAD="http://cirt.net/nikto/nikto-2.03.tar.bz2" -MD5SUM="8f286a7943b12a341088f005f832d087" +DOWNLOAD="http://cirt.net/nikto/nikto-2.1.1.tar.bz2" +MD5SUM="4a7ca9634190eba8cac9847117a72446" +DOWNLOAD_x86_64="" +MD5SUM_x86_64="" MAINTAINER="Marco Bonetti" EMAIL="sid77@slackware.it" -APPROVED="rworkman" +APPROVED="dsomero" diff --git a/network/nikto/slack-desc b/network/nikto/slack-desc index 97c2df6ceb..db78484a11 100644 --- a/network/nikto/slack-desc +++ b/network/nikto/slack-desc @@ -15,5 +15,5 @@ nikto: servers, and version specific problems on over 250 servers. Scan items nikto: and plugins are frequently updated and can be automatically updated nikto: (if desired). nikto: -nikto: +nikto: https://cirt.net/nikto2 nikto: diff --git a/network/nikto/slackware.patch b/network/nikto/slackware.patch deleted file mode 100644 index 218bb88e3f..0000000000 --- a/network/nikto/slackware.patch +++ /dev/null @@ -1,45 +0,0 @@ -diff -Naur nikto.orig/config.txt nikto/config.txt ---- nikto.orig/config.txt 2008-09-04 19:00:41.000000000 +0200 -+++ nikto/config.txt 2008-12-14 17:33:00.000000000 +0100 -@@ -8,7 +8,7 @@ - - # location of nmap to use with port scanning (rather than Nikto internals) - # and any options to pass to it --NMAP=/usr/local/bin/nmap -+NMAP=/usr/bin/nmap - NMAPOPTS=-P0 - - # ports never to scan -@@ -18,7 +18,7 @@ - #SKIPIDS= - - # if Nikto is having difficulty finding the 'plugins', set the full install path here --# EXECDIR=/usr/local/nikto -+EXECDIR=/usr/lib/nikto - - # the default HTTP version to try... can/will be changed as necessary - DEFAULTHTTPVER=1.0 -diff -Naur nikto.orig/nikto.pl nikto/nikto.pl ---- nikto.orig/nikto.pl 2008-09-04 19:00:41.000000000 +0200 -+++ nikto/nikto.pl 2008-12-14 17:36:04.000000000 +0100 -@@ -50,7 +50,7 @@ - $DIV = "-" x 75; - $NIKTO{version} = "2.03"; - $NIKTO{name} = "Nikto"; --$NIKTO{configfile} = "config.txt"; ### Change this line if your setup is having trouble finding it -+$NIKTO{configfile} = "/etc/nikto/config.txt"; ### Change this line if your setup is having trouble finding it - $http_eol = "\r\n"; - - # read the --config option -@@ -68,9 +68,9 @@ - nprint("T:$STARTTIME: Starting", "d"); - require "$NIKTO{plugindir}/nikto_reports.plugin"; ### Change this line if your setup is having trouble finding it - require "$NIKTO{plugindir}/nikto_single.plugin"; ### Change this line if your setup is having trouble finding it --require "$NIKTO{plugindir}/LW2.pm"; ### Change this line if your setup is having trouble finding it -+#require "$NIKTO{plugindir}/LW2.pm"; ### Change this line if your setup is having trouble finding it - --# use LW2; ### Change this line to use a different installed version -+use LW2; ### Change this line to use a different installed version - - ($a, $b) = split(/\./, $LW2::VERSION); - die("- You must use LW2 2.4 or later\n") if ($a != 2 || $b < 4);