tag:support.arachni-scanner.com,2012-07-01:/discussions/problems/2055-arachni-seems-to-be-not-scanning
Arachni: Discussion
2018-10-19T07:41:36Z
tag:support.arachni-scanner.com,2012-07-01:Comment/34043403
2014-08-06T14:55:36Z
2014-08-06T14:55:38Z
Arachni seems to be not scanning
<div><p>Hello, there!</p>
<p>I'm running arachni (against a vulnerabilty test site) and it
seems to be not scanning the site. And don't has raised any
errors.</p>
<p>Below the output (also I've attached an output file) of the
command "arachni <a href=
"http://http://testphp.vulnweb.com">http://http://testphp.vulnweb.com</a>
--debug".</p>
<p>Any tips? Thanks!</p>
<p>Arachni - Web Application Security Scanner Framework v0.4.7<br>
Author: Tasos "Zapotek" Laskos <a href=
"mailto:tasos.laskos@gmail.com">tasos.laskos@gmail.com</a></p>
<pre>
<code> (With the support of the community and the Arachni Team.)</code>
</pre>
<p>Website: <a href=
"http://arachni-scanner.com">http://arachni-scanner.com</a>
Documentation: <a href=
"http://arachni-scanner.com/wiki">http://arachni-scanner.com/wiki</a></p>
<p>[~] No modules were specified. [~] -> Will run all mods.</p>
<p>[~] No audit options were specified. [~] -> Will audit links,
forms and cookies.</p>
<p>[*] Initialising... [*] Waiting for plugins to settle... [!]
HTTP: ------------ [!] HTTP: Queued request. [!] HTTP: ID#: 0 [!]
HTTP: URL: <a href=
"http://testphp.vulnweb.com/">http://testphp.vulnweb.com/</a> [!]
HTTP: Method: get [!] HTTP: Params: [!] HTTP: Headers:
{"Accept"=>"text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8",
"Accept-Encoding"=>"gzip, deflate",
"User-Agent"=>"Arachni/v0.4.7"} [!] HTTP: Train?: false [!]
HTTP: ------------ [!] HTTP: ------------ [!] HTTP: Got response
for request ID#: 0 [!] HTTP: Status: 200 [!] HTTP: Error msg: No
error [!] HTTP: URL: <a href=
"http://testphp.vulnweb.com/">http://testphp.vulnweb.com/</a> [!]
HTTP: Headers: HTTP/1.1 200 OK<br>
Server: nginx/1.4.1<br>
Date: Wed, 06 Aug 2014 14:52:10 GMT<br>
Content-Type: text/html<br>
Transfer-Encoding: chunked<br>
Connection: keep-alive<br>
X-Powered-By: PHP/5.3.10-1~lucid+2uwsgi2<br>
Content-Encoding: gzip</p>
<p>[!] HTTP: Parsed headers: {"Server"=>"nginx/1.4.1",
"Date"=>"Wed, 06 Aug 2014 14:52:10 GMT",
"Content-Type"=>"text/html", "Transfer-Encoding"=>"chunked",
"Connection"=>"keep-alive",
"X-Powered-By"=>"PHP/5.3.10-1~lucid+2uwsgi2",
"Content-Encoding"=>"gzip"} [!] HTTP: ------------ [*] Spider:
[HTTP: 200] <a href=
"http://testphp.vulnweb.com/">http://testphp.vulnweb.com/</a> [~]
Identified as: nginx, php [!] [!] Waiting on the following (6)
plugins to finish: [!] autothrottle, healthmap, discovery,
timing_attacks, uniformity, resolver [!] [*] Resolver: Resolving
hostnames... [*] Resolver: Done! [!] [!] Waiting on the following
(5) plugins to finish: [!] healthmap, discovery, timing_attacks,
uniformity, resolver [!]</p>
<p>[*] Dumping audit results in '2014-08-06 15.52.13 +0100.afr'.
[*] Done!</p>
<h1><a href="#" name="" class="anchor"></a></h1>
<p>[+] Web Application Security Report - Arachni Framework</p>
<p>[~] Report generated on: 2014-08-06 15:52:13 +0100 [~] Report
false positives at: <a href=
"http://github.com/Arachni/arachni/issues">http://github.com/Arachni/arachni/issues</a></p>
<p>[+] System settings: [~] --------------- [~] Version: 0.4.7 [~]
Revision: 0.2.8 [~] Audit started on: Wed Aug 6 15:52:10 2014 [~]
Audit finished on: Wed Aug 6 15:52:11 2014 [~] Runtime:
00:00:01</p>
<p>[~] URL: <a href=
"http://testphp.vulnweb.com/">http://testphp.vulnweb.com/</a> [~]
User agent: Arachni/v0.4.7</p>
<p>[*] Audited elements: [~] * Links [~] * Forms [~] * Cookies</p>
<p>[*] Modules: code_injection, code_injection_php_input_wrapper,
code_injection_timing, csrf, file_inclusion, ldapi,
os_cmd_injection, os_cmd_injection_timing, path_traversal,
response_splitting, rfi, session_fixation, source_code_disclosure,
sqli, sqli_blind_rdiff, sqli_blind_timing, trainer,
unvalidated_redirect, xpath, xss, xss_event, xss_path,
xss_script_tag, xss_tag, allowed_methods, backdoors, backup_files,
common_directories, common_files, directory_listing, captcha,
credit_card, cvs_svn_users, emails, form_upload, html_objects,
http_only_cookies, insecure_cookies, mixed_resource,
password_autocomplete, private_ip, ssn, unencrypted_password_forms,
htaccess_limit, http_put, interesting_responses, localstart_asp,
webdav, x_forwarded_for_access_restriction_bypass, xst</p>
<p>[~] ===========================</p>
<p>[+] 0 issues were detected.</p>
<p>[+] Plugin data: [~] ---------------</p>
<p>[*] Health map [~] ~~~~~~~~~~~~~~ [~] Description: Generates a
simple list of safe/unsafe URLs.</p>
<p>[~] Legend: [+] No issues [-] Has issues</p>
<p>[+] <a href=
"http://testphp.vulnweb.com/">http://testphp.vulnweb.com/</a></p>
<p>[~] Total: 1 [+] Without issues: 1 [-] With issues: 0 ( 0% )</p>
<p>[~] 0.0% [=> ] 100% [~] Est. remaining time: --:--:--</p>
<p>[~] Crawling, discovered 1 pages and counting.</p>
<p>[~] Sent 1 requests. [~] Received and analyzed 1 responses. [~]
In 00:00:01 [~] Average: 0 requests/second.</p>
<p>[~] Burst response time total 0 [~] Burst response count total 0
[~] Burst average response time 0 [~] Burst average 0
requests/second [~] Timed-out requests 0 [~] Original max
concurrency 20 [~] Throttled max concurrency 20</p></div>
chris
tag:support.arachni-scanner.com,2012-07-01:Comment/34043403
2014-08-06T16:13:31Z
2014-08-06T16:13:32Z
Arachni seems to be not scanning
<div><p>Nervermind. Seems to be a problem with my shell environment. I'm
using ZSH.</p>
<p>I'll keep you posted.</p>
<p>Thanks.</p></div>
chris