Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Invalid XML files from Nikto #467

Kalaratri opened this issue Apr 1, 2017 · 3 comments


None yet
3 participants
Copy link

commented Apr 1, 2017


  • Nikto v2.1.6

I'm having trouble with the XML reports. For example a command like this results in an invalid XML file:

nikto -p 80 -h file_of_http_hosts.txt -Format XML -o nikto_output_http_hosts.xml

When trying to import this into Metasploit I receive this error:

msf > db_import lnikto_output_http_hosts.xml
[*] Importing 'Nikto XML' data
[-] Failed to import /nikto_output_http_hosts.xml due to malformed XML:
[-] REXML::ParseException: No close tag for /niktoscan/niktoscan/niktoscan/niktoscan/niktoscan/niktoscan/niktoscan/niktoscan[2]/niktoscan/niktoscan/niktoscan/niktoscan/niktoscan/niktoscan/niktoscan[3]/niktoscan/niktoscan/niktoscan/niktoscan/niktoscan/niktoscan
Line: 4676
Position: 259370
Last 80 unconsumed characters:

I've tried checking the XML file with a third party tool, and it too found it was invalid XML

Any ideas as to how this could be resolved?



This comment has been minimized.

Copy link

commented Jan 29, 2018

Do you still have the file or a way to reproduce this?


This comment has been minimized.

Copy link

commented Jan 30, 2018


This comment has been minimized.

Copy link

commented Mar 28, 2019

I am noticing a similar problem. The XML output contains an extra tag pair. It prevents Dradis CE from importing. I have not tried with Metasploit.

<?xml version="1.0" ?>
<!DOCTYPE niktoscan SYSTEM "/var/lib/nikto/docs/nikto.dtd">
		<scandetails >
			<item >
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.