Global Variables

sullo edited this page Mar 18, 2021 · 2 revisions

The following global variables exist within Nikto. Most of them are defined for internal use, and their use by plugins is not advised. Several have been deprecated; these should not be used by plugins.

%TEMPLATES (read/write)

Hash to store the HTML and XML report templates.

%CONTENTSEARCH (read)

Hash to contain all the entries in db_content_search - a list of
strings and related info to alert on from any request (regardless of
test result).

%CLI (read)

Hash of passed CLI parameters

%VARIABLES (read) (write)

Hash of the contents of the entries in db_variables. Plugins should only
write to this hash in the reconnaissance phase.

%TESTS (read) (write)

Hash of the db_tests database. This is only intended to be used by
the tests plugin, though it could be used by a reconnaissance plugin
to add tests on the fly.

%NIKTO (read)

Hash which contains internal Nikto data, such as help for the
command line parameters.

%CONFIGFILE (read)

Hash containing the data read from the configuration files.

%request (read) (write) (deprecated); %result (read) (write) (deprecated)

Global libwhisker hash. This should not be used; nfetch or a local
hash should be used.

%COUNTERS (read) (write)

Hash containing various global counters (e.g. number of requests)

%db_extensions (read) (deprecated)

Hash containing a list of common extensions

%FoF (read) (write)

Hash containing data for each extension and what the server produces
when a non-existent file is requested.

%UPDATES (read) (write)

Hash containing any updates that need to be sent back to cirt.net

$DIV (read)

Divider mark for the items sent to standard out.

@DBFILE (read)

Placeholder used to hold the contents of the file db_tests.

$PROXYCHECKED (read) (deprecated)

Flag to see whether connection through the proxy has been checked.

@RESULTS (read)

Array of reported vulnerabilities. It should only be written to through add_vulnerability().

@PLUGINS (read)

Array of hashrefs for each plugin. Used internally to run plugins.

@MARKS (read)

Array of marks to indicate each target.

@REPORTS (read)

Ordered array giving the order in which reporting plugins should be run.
Used for efficiency when calling reporting plugins.