scan with user logged

Eliezer's Avatar

Eliezer

25 Mar, 2014 06:42 PM

Hi,
I need to login in web application, but appears the error

I have sure that URL, user and password is right, but I cant log on application with success

please someone help me

Tks

Eliézer

  1. Support Staff 1 Posted by Tasos Laskos on 26 Mar, 2014 05:17 AM

    Tasos Laskos's Avatar

    What sort of error are you getting?

  2. 2 Posted by Eliézer on 27 Mar, 2014 03:18 PM

    Eliézer's Avatar

    Can u see attach file please?

  3. Support Staff 3 Posted by Tasos Laskos on 27 Mar, 2014 03:21 PM

    Tasos Laskos's Avatar

    I see no attached file, if you sent it via e-mail it won't be available on this ticket.

  4. Support Staff 4 Posted by Tasos Laskos on 28 Mar, 2014 07:24 AM

    Tasos Laskos's Avatar

    I saw the picture you sent me privately but could you please attach the whole error log as a text file to this discussion so that I can have a proper look at it?

    You can remove any sensitive information.

    Cheers

  5. 5 Posted by Eliézer Pereira on 05 Apr, 2014 04:48 PM

    Eliézer Pereira's Avatar
    2014-04-05 10:52:38 -0300 --------------------------------------------------------------------------------
    ENV:
    ---
    ORBIT_SOCKETDIR: "/tmp/orbit-root"
    HOSTNAME: xxxxxx-srv
    NOKOGIRI_USE_SYSTEM_LIBRARIES: 'true'
    GEM_HOME: "/root/softs/arachni-0.4.6-0.4.3/system/gems"
    SHELL: "/bin/bash"
    TERM: xterm
    HISTSIZE: '1000'
    XDG_SESSION_COOKIE: 10243573bcfab56b2631b7eb00000075-1395582833.874782-2111349255
    IRBRC: "/root/softs/arachni-0.4.6-0.4.3/bin/../system/usr/lib/ruby/.irbrc"
    GTK_RC_FILES: "/etc/gtk/gtkrc:/root/.gtkrc-1.2-gnome2"
    WINDOWID: '25186349'
    MY_RUBY_HOME: "/root/softs/arachni-0.4.6-0.4.3/bin/../system/usr/lib/ruby"
    USER: root
    LD_LIBRARY_PATH: "/root/softs/arachni-0.4.6-0.4.3/bin/../system/usr/lib"
    LS_COLORS: 'rs=0:di=01;34:ln=01;36:mh=00:pi=40;33:so=01;35:do=01;35:bd=40;33;01:cd=40;33;01:or=40;31;01:mi=01;05;37;41:su=37;41:sg=30;43:ca=30;41:tw=30;42:ow=34;42:st=37;44:ex=01;32:*.tar=01;31:*.tgz=01;31:*.arj=01;31:*.taz=01;31:*.lzh=01;31:*.lzma=01;31:*.tlz=01;31:*.txz=01;31:*.zip=01;31:*.z=01;31:*.Z=01;31:*.dz=01;31:*.gz=01;31:*.lz=01;31:*.xz=01;31:*.bz2=01;31:*.tbz=01;31:*.tbz2=01;31:*.bz=01;31:*.tz=01;31:*.deb=01;31:*.rpm=01;31:*.jar=01;31:*.rar=01;31:*.ace=01;31:*.zoo=01;31:*.cpio=01;31:*.7z=01;31:*.rz=01;31:*.jpg=01;35:*.jpeg=01;35:*.gif=01;35:*.bmp=01;35:*.pbm=01;35:*.pgm=01;35:*.ppm=01;35:*.tga=01;35:*.xbm=01;35:*.xpm=01;35:*.tif=01;35:*.tiff=01;35:*.png=01;35:*.svg=01;35:*.svgz=01;35:*.mng=01;35:*.pcx=01;35:*.mov=01;35:*.mpg=01;35:*.mpeg=01;35:*.m2v=01;35:*.mkv=01;35:*.ogm=01;35:*.mp4=01;35:*.m4v=01;35:*.mp4v=01;35:*.vob=01;35:*.qt=01;35:*.nuv=01;35:*.wmv=01;35:*.asf=01;35:*.rm=01;35:*.rmvb=01;35:*.flc=01;35:*.avi=01;35:*.fli=01;35:*.flv=01;35:*.gl=01;35:*.dl=01;35:*.xcf=01;35:*.xwd=01;35:*.yuv=01;35:*.cgm=01;35:*.emf=01;35:*.axv=01;35:*.anx=01;35:*.ogv=01;35:*.ogx=01;35:*.aac=01;36:*.au=01;36:*.flac=01;36:*.mid=01;36:*.midi=01;36:*.mka=01;36:*.mp3=01;36:*.mpc=01;36:*.ogg=01;36:*.ra=01;36:*.wav=01;36:*.axa=01;36:*.oga=01;36:*.spx=01;36:*.xspf=01;36:'
    SSH_AUTH_SOCK: "/tmp/keyring-0YegzO/socket.ssh"
    GNOME_KEYRING_SOCKET: "/tmp/keyring-0YegzO/socket"
    USERNAME: root
    SESSION_MANAGER: local/unix:@/tmp/.ICE-unix/2492,unix/unix:/tmp/.ICE-unix/2492
    PATH: "/root/softs/arachni-0.4.6-0.4.3/system/gems/bin:/root/softs/arachni-0.4.6-0.4.3/bin/../system/../bin:/root/softs/arachni-0.4.6-0.4.3/bin/../system/usr/bin:/root/softs/arachni-0.4.6-0.4.3/bin/../system/gems/bin:/usr/local/sbin:/usr/sbin:/sbin:/usr/local/bin:/usr/bin:/bin:/root/bin"
    MAIL: "/var/spool/mail/root"
    DESKTOP_SESSION: gnome
    PWD: "/root/softs/arachni-0.4.6-0.4.3/bin"
    ARACHNI_WEBUI_LOGDIR: "/root/softs/arachni-0.4.6-0.4.3/bin/../system/logs/webui"
    GDM_KEYBOARD_LAYOUT: us
    GNOME_KEYRING_PID: '2483'
    LANG: en_US.UTF-8
    GDM_LANG: en_US.UTF-8
    ARACHNI_FRAMEWORK_LOGDIR: "/root/softs/arachni-0.4.6-0.4.3/bin/../system/logs/framework"
    GDMSESSION: gnome
    HISTCONTROL: ignoredups
    SSH_ASKPASS: "/usr/libexec/openssh/gnome-ssh-askpass"
    SHLVL: '2'
    HOME: "/root"
    RAILS_ENV: production
    GNOME_DESKTOP_SESSION_ID: this-is-deprecated
    DYLD_LIBRARY_PATH: "/root/softs/arachni-0.4.6-0.4.3/bin/../system/usr/lib:"
    LOGNAME: root
    GEM_PATH: "/root/softs/arachni-0.4.6-0.4.3/bin/../system/gems"
    DBUS_SESSION_BUS_ADDRESS: unix:abstract=/tmp/dbus-KfY2vQEnrx,guid=59b0d31b0bb2cd7543645db000000254
    LESSOPEN: "|/usr/bin/lesspipe.sh %s"
    WINDOWPATH: '1'
    DISPLAY: ":0.0"
    RUBYLIB: "/root/softs/arachni-0.4.6-0.4.3/system/gems/gems/bundler-1.5.1/lib:/root/softs/arachni-0.4.6-0.4.3/bin/../system/usr/lib/ruby:/root/softs/arachni-0.4.6-0.4.3/bin/../system/usr/lib/ruby/site_ruby/1.9.1:/root/softs/arachni-0.4.6-0.4.3/bin/../system/usr/lib/ruby/1.9.1:/root/softs/arachni-0.4.6-0.4.3/bin/../system/usr/lib/ruby/1.9.1/x86_64-linux:/root/softs/arachni-0.4.6-0.4.3/bin/../system/usr/lib/ruby/site_ruby/1.9.1/x86_64-linux"
    RUBY_VERSION: ruby-1.9.3-p448
    G_BROKEN_FILENAMES: '1'
    COLORTERM: gnome-terminal
    XAUTHORITY: "/var/run/gdm/auth-for-root-JZ0Z8g/database"
    RACK_ENV: development
    BUNDLE_GEMFILE: "/root/softs/arachni-0.4.6-0.4.3/system/arachni-ui-web/Gemfile"
    _ORIGINAL_GEM_PATH: "/root/softs/arachni-0.4.6-0.4.3/bin/../system/gems"
    BUNDLE_BIN_PATH: "/root/softs/arachni-0.4.6-0.4.3/system/gems/gems/bundler-1.5.1/bin/bundle"
    RUBYOPT: "-rbundler/setup"
    --------------------------------------------------------------------------------
    OPTIONS:
    --- !ruby/object:Arachni::Options
    dir:
      root: "/root/softs/arachni-0.4.6-0.4.3/system/gems/gems/arachni-0.4.6/"
      gfx: "/root/softs/arachni-0.4.6-0.4.3/system/gems/gems/arachni-0.4.6/gfx/"
      conf: "/root/softs/arachni-0.4.6-0.4.3/system/gems/gems/arachni-0.4.6/conf/"
      logs: "/root/softs/arachni-0.4.6-0.4.3/bin/../system/logs/framework/"
      data: "/root/softs/arachni-0.4.6-0.4.3/system/gems/gems/arachni-0.4.6/data/"
      modules: "/root/softs/arachni-0.4.6-0.4.3/system/gems/gems/arachni-0.4.6/modules/"
      reports: "/root/softs/arachni-0.4.6-0.4.3/system/gems/gems/arachni-0.4.6/reports/"
      plugins: "/root/softs/arachni-0.4.6-0.4.3/system/gems/gems/arachni-0.4.6/plugins/"
      rpcd_handlers: "/root/softs/arachni-0.4.6-0.4.3/system/gems/gems/arachni-0.4.6/rpcd_handlers/"
      path_extractors: "/root/softs/arachni-0.4.6-0.4.3/system/gems/gems/arachni-0.4.6/path_extractors/"
      fingerprinters: "/root/softs/arachni-0.4.6-0.4.3/system/gems/gems/arachni-0.4.6/fingerprinters/"
      lib: "/root/softs/arachni-0.4.6-0.4.3/system/gems/gems/arachni-0.4.6/lib/arachni/"
      support: "/root/softs/arachni-0.4.6-0.4.3/system/gems/gems/arachni-0.4.6/lib/arachni/support/"
      mixins: "/root/softs/arachni-0.4.6-0.4.3/system/gems/gems/arachni-0.4.6/lib/arachni/mixins/"
      arachni: "/root/softs/arachni-0.4.6-0.4.3/system/gems/gems/arachni-0.4.6/lib/arachni"
    user_agent: Arachni/v0.4.6
    http_timeout: 50000
    datastore:
      :token: 155d59e07a7bfe7459edda2fa9fd8cbd52d3ab8bc4ced04581a3e5caf4eb0071
    redundant: {}
    grid_mode: 
    https_only: true
    obey_robots_txt: false
    fuzz_methods: false
    audit_cookies_extensively: false
    exclude_binaries: false
    auto_redundant: 
    depth_limit: 
    link_count_limit: 
    redirect_limit: 20
    lsmod: []
    lsrep: []
    http_req_limit: 20
    http_queue_size: 500
    http_username: 
    http_password: 
    mods:
    - code_injection
    - code_injection_php_input_wrapper
    - code_injection_timing
    - csrf
    - file_inclusion
    - ldapi
    - os_cmd_injection
    - os_cmd_injection_timing
    - path_traversal
    - response_splitting
    - rfi
    - session_fixation
    - source_code_disclosure
    - sqli
    - sqli_blind_rdiff
    - sqli_blind_timing
    - trainer
    - unvalidated_redirect
    - xpath
    - xss
    - xss_event
    - xss_path
    - xss_script_tag
    - xss_tag
    - allowed_methods
    - backdoors
    - backup_files
    - captcha
    - common_directories
    - common_files
    - credit_card
    - cvs_svn_users
    - directory_listing
    - emails
    - form_upload
    - htaccess_limit
    - html_objects
    - http_only_cookies
    - http_put
    - insecure_cookies
    - interesting_responses
    - localstart_asp
    - mixed_resource
    - password_autocomplete
    - private_ip
    - ssn
    - unencrypted_password_forms
    - webdav
    - x_forwarded_for_access_restriction_bypass
    - xst
    reports: {}
    exclude: []
    exclude_pages: []
    exclude_cookies: []
    exclude_vectors: []
    include: []
    lsplug: []
    plugins:
      autologin:
        url: https://www.xxxxxxxx.com/hlogin.js?10531924
        params: uid=xxxxx&passw=xxxxxxx
        check: Sign Off|MY ACCOUNT
      autothrottle: 
      discovery: 
      healthmap: 
      resolver: 
      timing_attacks: 
      uniformity: 
    rpc_instance_port_range:
    - 1025
    - 65535
    load_profile: []
    restrict_paths: []
    extend_paths: []
    custom_headers: {}
    min_pages_per_instance: 30
    max_slaves: 10
    no_fingerprinting: false
    platforms: []
    spawns: 0
    rpc_address: localhost
    rpc_port: 48730
    audit_links: true
    audit_forms: true
    audit_cookies: true
    audit_headers: false
    follow_subdomains: false
    url: https://www.xxxxxxxx.com/servlet/hlogin
    start_datetime: 2014-04-05 10:52:32.138083640 -03:00
    delta_time: 6.242635756
    cookies: []
    --------------------------------------------------------------------------------
    [2014-04-05 10:52:38 -0300] AutoLogin: Could not find a form suiting the provided params at: https://www.xxxxxxxx.com/hlogin.js?10531924
    
  6. Support Staff 6 Posted by Tasos Laskos on 05 Apr, 2014 05:06 PM

    Tasos Laskos's Avatar

    Looks like you've used the example configuration.
    You need to update the form parameters you're passing to the autologin plugin to correspond with your login form. Your form calls its login inputs something other than uid and passw. Also, you need to change the check option to correspond to your webapp's indicator as well.

    Cheers

  7. 7 Posted by Eliézer Pereira on 05 Apr, 2014 05:55 PM

    Eliézer Pereira's Avatar

    so i have to put on script autologin some like this:

    • Form parameters to submit. ( username=user&password=pass ) (params):

    Login=xxxxxx&Password=xxxxxx

    fields required on my web app
    (please see atached file)

  8. Support Staff 8 Posted by Tasos Laskos on 05 Apr, 2014 05:57 PM

    Tasos Laskos's Avatar

    Yep, although there's no attached file.

    Also, I saw a .js extension, not sure what that means but if the form is submitted via Javascript then the autologin plugin will not work.

  9. 9 Posted by Eliézer on 10 Apr, 2014 04:04 PM

    Eliézer's Avatar

    Hi Tasos,

    I changed the plugin config and now appears other error:

    AutoLogin: Form submitted but the response did not match the verifier.

  10. Support Staff 10 Posted by Tasos Laskos on 10 Apr, 2014 04:06 PM

    Tasos Laskos's Avatar

    Can you show me the updated config please?

  11. 11 Posted by Eliézer on 10 Apr, 2014 06:11 PM

    Eliézer's Avatar

    see log error please

  12. Support Staff 12 Posted by Tasos Laskos on 10 Apr, 2014 07:11 PM

    Tasos Laskos's Avatar

    You didn't properly configure the plugin as per my previous instructions. You forgot to set the proper check option for your web application, it still has the value of Sign Off|MY ACCOUNT from the help article.

  13. 13 Posted by Eliézer on 10 Apr, 2014 07:16 PM

    Eliézer's Avatar

    i dont understood what is goal of this value
    can you explain me?

    I dont find nothing to put on this field that can be on my web app

  14. Support Staff 14 Posted by Tasos Laskos on 10 Apr, 2014 07:20 PM

    Tasos Laskos's Avatar

    I don't know how to explain it better, the article is pretty clear:

    check -- A pattern to be matched against the response body after requesting the supplied URL in order to verify a successful login.

    Basically, it must be a string that will only appear after a successful login so that the system will know that it has a valid session.

  15. Tasos Laskos closed this discussion on 27 Jun, 2014 11:30 PM.

Comments are currently closed for this discussion. You can start a new one.

Keyboard shortcuts

Generic

? Show this help
ESC Blurs the current field

Comment Form

r Focus the comment reply box
^ + ↩ Submit the comment

You can use Command ⌘ instead of Control ^ on Mac