or Create a profile

Home Problems

autologin: undefined method `url' for nil:NilClass

Marco Eberl's Avatar

Marco Eberl

07 May, 2015 01:46 PM

Hi Team,

I'm new to Arachni and i always get following error when using autologin:

plugins:
  autologin:
    url: http://testhtml5.vulnweb.com/#/popular
    parameters: username=admin&password=admin
    check: <a href="/logout">Logout</a>
  autothrottle: 
  discovery: 
  healthmap: 
  timing_attacks: 
  uniformity: 
no_fingerprinting: false
authorized_by: 
url: http://testhtml5.vulnweb.com/
--------------------------------------------------------------------------------
[2015-05-07 09:35:44 -0400] [NoMethodError] undefined method `url' for nil:NilClass
[2015-05-07 09:35:44 -0400] /usr/share/arachni/system/gems/gems/arachni-1.0.6/components/plugins/autologin.rb:51:in `run'
[2015-05-07 09:35:44 -0400] /usr/share/arachni/system/gems/gems/arachni-1.0.6/lib/arachni/plugin/manager.rb:68:in `block (3 levels) in run'
[2015-05-07 09:35:44 -0400] /usr/share/arachni/system/gems/gems/arachni-1.0.6/lib/arachni/utilities.rb:395:in `call'
[2015-05-07 09:35:44 -0400] /usr/share/arachni/system/gems/gems/arachni-1.0.6/lib/arachni/utilities.rb:395:in `exception_jail'
[2015-05-07 09:35:44 -0400] /usr/share/arachni/system/gems/gems/arachni-1.0.6/lib/arachni/plugin/manager.rb:65:in `block (2 levels) in run'
[2015-05-07 09:35:44 -0400] 
[2015-05-07 09:35:44 -0400] Parent:
[2015-05-07 09:35:44 -0400] Arachni::RPC::Server::Plugin::Manager
[2015-05-07 09:35:44 -0400] 
[2015-05-07 09:35:44 -0400] Block:
[2015-05-07 09:35:44 -0400] #<Proc:0x00000002030c80@/usr/share/arachni/system/gems/gems/arachni-1.0.6/lib/arachni/plugin/manager.rb:65>
[2015-05-07 09:35:44 -0400] 
[2015-05-07 09:35:44 -0400] Caller:
[2015-05-07 09:35:44 -0400] /usr/share/arachni/system/gems/gems/arachni-1.0.6/lib/arachni/utilities.rb:395:in `exception_jail'
[2015-05-07 09:35:44 -0400] /usr/share/arachni/system/gems/gems/arachni-1.0.6/lib/arachni/plugin/manager.rb:65:in `block (2 levels) in run'
[2015-05-07 09:35:44 -0400] --------------------------------------------------------------------------------

I just want to scan a test site with a simple login.
What am i doing wrong?

Thanks

  1. Support Staff 1 Posted by Tasos Laskos on 07 May, 2015 01:49 PM

    Tasos Laskos's Avatar

    Hello, can you please grab the latest version?
    This bug should be fixed in v1.1.

    Cheers

    PS. That site doesn't really have a user system, that form is just for show.

  2. Tasos Laskos closed this discussion on 07 May, 2015 01:49 PM.

  3. Marco Eberl re-opened this discussion on 07 May, 2015 02:19 PM

  4. 2 Posted by Marco Eberl on 07 May, 2015 02:19 PM

    Marco Eberl's Avatar

    Thanks for the fast reply.
    Unfortunately i get the same error in v1.1...

  5. Support Staff 3 Posted by Tasos Laskos on 07 May, 2015 02:22 PM

    Tasos Laskos's Avatar

    Just to be safe, can you show me the error you get with v1.1 please?

  6. 4 Posted by Marco Eberl on 07 May, 2015 02:24 PM

    Marco Eberl's Avatar

    Of course:

    autologin:
    url: http://testhtml5.vulnweb.com
    parameters: username=admin&password=admin
    check: <a href="/logout">Logout</a>
  autothrottle: 
  discovery: 
  healthmap: 
  timing_attacks: 
  uniformity: 
no_fingerprinting: false
authorized_by: 
url: http://testhtml5.vulnweb.com/
--------------------------------------------------------------------------------
[2015-05-07 10:16:02 -0400] [NoMethodError] undefined method `url' for nil:NilClass
[2015-05-07 10:16:02 -0400] /root/Downloads/arachni-1.1-0.5.7/system/gems/gems/arachni-1.1/components/plugins/autologin.rb:51:in `run'
[2015-05-07 10:16:02 -0400] /root/Downloads/arachni-1.1-0.5.7/system/gems/gems/arachni-1.1/lib/arachni/plugin/manager.rb:75:in `block (3 levels) in run'
[2015-05-07 10:16:02 -0400] /root/Downloads/arachni-1.1-0.5.7/system/gems/gems/arachni-1.1/lib/arachni/utilities.rb:400:in `call'
[2015-05-07 10:16:02 -0400] /root/Downloads/arachni-1.1-0.5.7/system/gems/gems/arachni-1.1/lib/arachni/utilities.rb:400:in `exception_jail'
[2015-05-07 10:16:02 -0400] /root/Downloads/arachni-1.1-0.5.7/system/gems/gems/arachni-1.1/lib/arachni/plugin/manager.rb:67:in `block (2 levels) in run'
[2015-05-07 10:16:02 -0400] 
[2015-05-07 10:16:02 -0400] Parent:
[2015-05-07 10:16:02 -0400] Arachni::RPC::Server::Plugin::Manager
[2015-05-07 10:16:02 -0400] 
[2015-05-07 10:16:02 -0400] Block:
[2015-05-07 10:16:02 -0400] #<Proc:0x000000043bcf78@/root/Downloads/arachni-1.1-0.5.7/system/gems/gems/arachni-1.1/lib/arachni/plugin/manager.rb:67>
[2015-05-07 10:16:02 -0400] 
[2015-05-07 10:16:02 -0400] Caller:
[2015-05-07 10:16:02 -0400] /root/Downloads/arachni-1.1-0.5.7/system/gems/gems/arachni-1.1/lib/arachni/utilities.rb:400:in `exception_jail'
[2015-05-07 10:16:02 -0400] /root/Downloads/arachni-1.1-0.5.7/system/gems/gems/arachni-1.1/lib/arachni/plugin/manager.rb:67:in `block (2 levels) in run'

  7. Support Staff 5 Posted by Tasos Laskos on 07 May, 2015 02:28 PM

    Tasos Laskos's Avatar

    Thanks, I'll investigate this issue further.

    Hopefully this is a specialized case which shouldn't cause you any issues when scanning a real site, but if it does you can use alternative ways to login until I sort this out.

    See: http://support.arachni-scanner.com/kb/general-use/logging-in-and-ma...

  8. Support Staff 6 Posted by Tasos Laskos on 08 May, 2015 03:07 PM

    Tasos Laskos's Avatar

    Turns out, since the form is invisible until you click the "Login" button, the browser cannot locate it in order to submit it.

    That's fair enough since for more complex login sequences it is better to use the login_script plugin, but the autologin plugin should have handled the situation more gracefully.

    Working on that now.

  9. Support Staff 7 Posted by Tasos Laskos on 08 May, 2015 04:02 PM

    Tasos Laskos's Avatar

    Updated the plugin to fail gracefully and be informative: https://github.com/Arachni/arachni/commit/27fb09545557051294404d60b...

    Updated the relevant KB article: http://support.arachni-scanner.com/kb/general-use/logging-in-and-ma...

    Thanks for the feedback. :)

  10. Tasos Laskos closed this discussion on 08 May, 2015 04:02 PM.

Comments are currently closed for this discussion. You can start a new one.

  • New Issue

  • Conversation Started

  • The discussion is closed

    No more actions from Arachni or the discussion starter are required.

  • Re-open the discussion

Private Permissions

This discussion is private. Only you and Arachni support staff can see and reply to it.

Public Permissions

This discussion is public. Everyone can see and reply to it.

Keyboard shortcuts

Generic

? Show this help
ESC Blurs the current field

Comment Form

r Focus the comment reply box
^ + ↩ Submit the comment

You can use Command ⌘ instead of Control ^ on Mac

Recent Discussions

19 Oct, 2020 06:04 AM We're sorry, but something went wrong.
25 Sep, 2020 09:14 AM Rest Server couldn't get result from Arachni Web server
24 Sep, 2020 09:07 AM we're sorry, but something went wrong
18 Sep, 2020 11:50 AM We're sorry, but something went wrong.
08 Sep, 2020 10:13 AM how can I fix this problem? [filesize_exceeded] Maximum file size exceeded

Recent Articles

Optimizing for faster scans
Service scanning
Software as a Service (Saas)