2014-04-10 13:01:30 -0300 -------------------------------------------------------------------------------- ENV: --- SSH_AGENT_PID: '3062' NOKOGIRI_USE_SYSTEM_LIBRARIES: 'true' GEM_HOME: "/usr/share/arachni/system/gems" GPG_AGENT_INFO: "/root/.cache/keyring-MbHKrL/gpg:0:1" TERM: xterm SHELL: "/bin/bash" XDG_SESSION_COOKIE: 7fe0fb6781485310003a6ce6513a6372-1397143697.672688-898702603 IRBRC: "/usr/share/arachni/bin/../system/usr/lib/ruby/.irbrc" WINDOWID: '16777220' GNOME_KEYRING_CONTROL: "/root/.cache/keyring-MbHKrL" MY_RUBY_HOME: "/usr/share/arachni/bin/../system/usr/lib/ruby" USER: root LD_LIBRARY_PATH: "/usr/share/arachni/bin/../system/usr/lib" LS_COLORS: 'rs=0:di=01;34:ln=01;36:mh=00:pi=40;33:so=01;35:do=01;35:bd=40;33;01:cd=40;33;01:or=40;31;01:su=37;41:sg=30;43:ca=30;41:tw=30;42:ow=34;42:st=37;44:ex=01;32:*.tar=01;31:*.tgz=01;31:*.arj=01;31:*.taz=01;31:*.lzh=01;31:*.lzma=01;31:*.tlz=01;31:*.txz=01;31:*.zip=01;31:*.z=01;31:*.Z=01;31:*.dz=01;31:*.gz=01;31:*.lz=01;31:*.xz=01;31:*.bz2=01;31:*.bz=01;31:*.tbz=01;31:*.tbz2=01;31:*.tz=01;31:*.deb=01;31:*.rpm=01;31:*.jar=01;31:*.war=01;31:*.ear=01;31:*.sar=01;31:*.rar=01;31:*.ace=01;31:*.zoo=01;31:*.cpio=01;31:*.7z=01;31:*.rz=01;31:*.jpg=01;35:*.jpeg=01;35:*.gif=01;35:*.bmp=01;35:*.pbm=01;35:*.pgm=01;35:*.ppm=01;35:*.tga=01;35:*.xbm=01;35:*.xpm=01;35:*.tif=01;35:*.tiff=01;35:*.png=01;35:*.svg=01;35:*.svgz=01;35:*.mng=01;35:*.pcx=01;35:*.mov=01;35:*.mpg=01;35:*.mpeg=01;35:*.m2v=01;35:*.mkv=01;35:*.webm=01;35:*.ogm=01;35:*.mp4=01;35:*.m4v=01;35:*.mp4v=01;35:*.vob=01;35:*.qt=01;35:*.nuv=01;35:*.wmv=01;35:*.asf=01;35:*.rm=01;35:*.rmvb=01;35:*.flc=01;35:*.avi=01;35:*.fli=01;35:*.flv=01;35:*.gl=01;35:*.dl=01;35:*.xcf=01;35:*.xwd=01;35:*.yuv=01;35:*.cgm=01;35:*.emf=01;35:*.axv=01;35:*.anx=01;35:*.ogv=01;35:*.ogx=01;35:*.aac=00;36:*.au=00;36:*.flac=00;36:*.mid=00;36:*.midi=00;36:*.mka=00;36:*.mp3=00;36:*.mpc=00;36:*.ogg=00;36:*.ra=00;36:*.wav=00;36:*.axa=00;36:*.oga=00;36:*.spx=00;36:*.xspf=00;36:' SSH_AUTH_SOCK: "/root/.cache/keyring-MbHKrL/ssh" SESSION_MANAGER: local/kali:@/tmp/.ICE-unix/3005,unix/kali:/tmp/.ICE-unix/3005 USERNAME: root DESKTOP_SESSION: default PATH: "/usr/share/arachni/system/gems/bin:/usr/share/arachni/bin/../system/../bin:/usr/share/arachni/bin/../system/usr/bin:/usr/share/arachni/bin/../system/gems/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" PWD: "/usr/share/arachni/bin" ARACHNI_WEBUI_LOGDIR: "/usr/share/arachni/bin/../system/logs/webui" LANG: en_US.UTF-8 GNOME_KEYRING_PID: '2987' GDM_LANG: en_US.UTF-8 ARACHNI_FRAMEWORK_LOGDIR: "/usr/share/arachni/bin/../system/logs/framework" GDMSESSION: default HOME: "/root" SHLVL: '1' RAILS_ENV: production GNOME_DESKTOP_SESSION_ID: this-is-deprecated DYLD_LIBRARY_PATH: "/usr/share/arachni/bin/../system/usr/lib:" LOGNAME: root GEM_PATH: "/usr/share/arachni/bin/../system/gems" DBUS_SESSION_BUS_ADDRESS: unix:abstract=/tmp/dbus-Bna9GUjUNk,guid=f85f9937244a4c172895ccfb5346b892 XDG_DATA_DIRS: "/usr/share/gnome:/usr/local/share/:/usr/share/" WINDOWPATH: '7' DISPLAY: ":0.0" RUBYLIB: "/usr/share/arachni/system/gems/gems/bundler-1.5.1/lib:/usr/share/arachni/bin/../system/usr/lib/ruby:/usr/share/arachni/bin/../system/usr/lib/ruby/site_ruby/1.9.1:/usr/share/arachni/bin/../system/usr/lib/ruby/1.9.1:/usr/share/arachni/bin/../system/usr/lib/ruby/1.9.1/i686-linux:/usr/share/arachni/bin/../system/usr/lib/ruby/site_ruby/1.9.1/i686-linux" RUBY_VERSION: ruby-1.9.3-p448 COLORTERM: gnome-terminal XAUTHORITY: "/var/run/gdm3/auth-for-root-mQjVJx/database" RACK_ENV: development BUNDLE_GEMFILE: "/usr/share/arachni/system/arachni-ui-web/Gemfile" _ORIGINAL_GEM_PATH: "/usr/share/arachni/bin/../system/gems" BUNDLE_BIN_PATH: "/usr/share/arachni/system/gems/gems/bundler-1.5.1/bin/bundle" RUBYOPT: "-rbundler/setup" -------------------------------------------------------------------------------- OPTIONS: --- !ruby/object:Arachni::Options dir: root: "/usr/share/arachni/system/gems/gems/arachni-0.4.6/" gfx: "/usr/share/arachni/system/gems/gems/arachni-0.4.6/gfx/" conf: "/usr/share/arachni/system/gems/gems/arachni-0.4.6/conf/" logs: "/usr/share/arachni/bin/../system/logs/framework/" data: "/usr/share/arachni/system/gems/gems/arachni-0.4.6/data/" modules: "/usr/share/arachni/system/gems/gems/arachni-0.4.6/modules/" reports: "/usr/share/arachni/system/gems/gems/arachni-0.4.6/reports/" plugins: "/usr/share/arachni/system/gems/gems/arachni-0.4.6/plugins/" rpcd_handlers: "/usr/share/arachni/system/gems/gems/arachni-0.4.6/rpcd_handlers/" path_extractors: "/usr/share/arachni/system/gems/gems/arachni-0.4.6/path_extractors/" fingerprinters: "/usr/share/arachni/system/gems/gems/arachni-0.4.6/fingerprinters/" lib: "/usr/share/arachni/system/gems/gems/arachni-0.4.6/lib/arachni/" support: "/usr/share/arachni/system/gems/gems/arachni-0.4.6/lib/arachni/support/" mixins: "/usr/share/arachni/system/gems/gems/arachni-0.4.6/lib/arachni/mixins/" arachni: "/usr/share/arachni/system/gems/gems/arachni-0.4.6/lib/arachni" user_agent: Arachni/v0.4.6 http_timeout: 50000 datastore: :token: 82833c2d16cf984b6b0ccb2fefb70a2fdd3bda6cc23cde4fe68602dd64e4a762 redundant: {} grid_mode: https_only: false obey_robots_txt: false fuzz_methods: false audit_cookies_extensively: false exclude_binaries: false auto_redundant: depth_limit: link_count_limit: redirect_limit: 20 lsmod: [] lsrep: [] http_req_limit: 20 http_queue_size: 500 http_username: http_password: mods: - code_injection - code_injection_php_input_wrapper - code_injection_timing - csrf - file_inclusion - ldapi - os_cmd_injection - os_cmd_injection_timing - path_traversal - response_splitting - rfi - session_fixation - source_code_disclosure - sqli - sqli_blind_rdiff - sqli_blind_timing - trainer - unvalidated_redirect - xpath - xss - xss_event - xss_path - xss_script_tag - xss_tag - allowed_methods - backdoors - backup_files - captcha - common_directories - common_files - credit_card - cvs_svn_users - directory_listing - emails - form_upload - htaccess_limit - html_objects - http_only_cookies - http_put - insecure_cookies - interesting_responses - localstart_asp - mixed_resource - password_autocomplete - private_ip - ssn - unencrypted_password_forms - webdav - x_forwarded_for_access_restriction_bypass - xst reports: {} exclude: [] exclude_pages: [] exclude_cookies: [] exclude_vectors: [] include: [] lsplug: [] plugins: autologin: url: https://ww14.r2tec.com/r2tasks/servlet/hlogin params: vUSUID=xxxxxxx&vUSUPWD=xxxxxxx check: Sign Off|MY ACCOUNT autothrottle: discovery: healthmap: resolver: timing_attacks: uniformity: rpc_instance_port_range: - 1025 - 65535 load_profile: [] restrict_paths: [] extend_paths: [] custom_headers: {} min_pages_per_instance: 30 max_slaves: 10 no_fingerprinting: false platforms: [] spawns: 0 rpc_address: localhost rpc_port: 63801 audit_links: true audit_forms: true audit_cookies: true audit_headers: false follow_subdomains: false url: https://ww14.r2tec.com/r2tasks/servlet/hlogin start_datetime: 2014-04-10 13:01:27.801030279 -03:00 cookies: - !ruby/object:Arachni::Element::Cookie raw: name: JSESSIONID value: 9A21B6858935673EDBD841CC91AD9886 version: 0 port: discard: comment_url: expires: max_age: comment: secure: true path: "/r2tasks" domain: ww14.r2tec.com httponly: true url: https://ww14.r2tec.com/r2tasks/servlet/hlogin hash: -237096 opts: {} action: https://ww14.r2tec.com/r2tasks/servlet/hlogin method: get auditable: JSESSIONID: 9A21B6858935673EDBD841CC91AD9886 orig: JSESSIONID: 9A21B6858935673EDBD841CC91AD9886 auditor: - !ruby/object:Arachni::Element::Cookie raw: name: GX_SESSION_ID value: "+kwRnrXsBI4IOCXLLp5N/jj1o/ze1TOTPiwL2cd63hk=" version: 0 port: discard: comment_url: expires: max_age: comment: secure: path: "/" domain: ww14.r2tec.com httponly: false url: https://ww14.r2tec.com/r2tasks/servlet/hlogin hash: 530901125 opts: {} action: https://ww14.r2tec.com/r2tasks/servlet/hlogin method: get auditable: GX_SESSION_ID: "+kwRnrXsBI4IOCXLLp5N/jj1o/ze1TOTPiwL2cd63hk=" orig: GX_SESSION_ID: " kwRnrXsBI4IOCXLLp5N/jj1o/ze1TOTPiwL2cd63hk=" auditor: delta_time: 1.014311068 -------------------------------------------------------------------------------- [2014-04-10 13:01:30 -0300] AutoLogin: Form submitted but the response did not match the verifier.