autologin: undefined method `url' for nil:NilClass
Hi Team,
I'm new to Arachni and i always get following error when using autologin:
plugins:
autologin:
url: http://testhtml5.vulnweb.com/#/popular
parameters: username=admin&password=admin
check: <a href="/logout">Logout</a>
autothrottle:
discovery:
healthmap:
timing_attacks:
uniformity:
no_fingerprinting: false
authorized_by:
url: http://testhtml5.vulnweb.com/
--------------------------------------------------------------------------------
[2015-05-07 09:35:44 -0400] [NoMethodError] undefined method `url' for nil:NilClass
[2015-05-07 09:35:44 -0400] /usr/share/arachni/system/gems/gems/arachni-1.0.6/components/plugins/autologin.rb:51:in `run'
[2015-05-07 09:35:44 -0400] /usr/share/arachni/system/gems/gems/arachni-1.0.6/lib/arachni/plugin/manager.rb:68:in `block (3 levels) in run'
[2015-05-07 09:35:44 -0400] /usr/share/arachni/system/gems/gems/arachni-1.0.6/lib/arachni/utilities.rb:395:in `call'
[2015-05-07 09:35:44 -0400] /usr/share/arachni/system/gems/gems/arachni-1.0.6/lib/arachni/utilities.rb:395:in `exception_jail'
[2015-05-07 09:35:44 -0400] /usr/share/arachni/system/gems/gems/arachni-1.0.6/lib/arachni/plugin/manager.rb:65:in `block (2 levels) in run'
[2015-05-07 09:35:44 -0400]
[2015-05-07 09:35:44 -0400] Parent:
[2015-05-07 09:35:44 -0400] Arachni::RPC::Server::Plugin::Manager
[2015-05-07 09:35:44 -0400]
[2015-05-07 09:35:44 -0400] Block:
[2015-05-07 09:35:44 -0400] #<Proc:0x00000002030c80@/usr/share/arachni/system/gems/gems/arachni-1.0.6/lib/arachni/plugin/manager.rb:65>
[2015-05-07 09:35:44 -0400]
[2015-05-07 09:35:44 -0400] Caller:
[2015-05-07 09:35:44 -0400] /usr/share/arachni/system/gems/gems/arachni-1.0.6/lib/arachni/utilities.rb:395:in `exception_jail'
[2015-05-07 09:35:44 -0400] /usr/share/arachni/system/gems/gems/arachni-1.0.6/lib/arachni/plugin/manager.rb:65:in `block (2 levels) in run'
[2015-05-07 09:35:44 -0400] --------------------------------------------------------------------------------
I just want to scan a test site with a simple login.
What am i doing wrong?
Thanks
Comments are currently closed for this discussion. You can start a new one.
Keyboard shortcuts
Generic
? | Show this help |
---|---|
ESC | Blurs the current field |
Comment Form
r | Focus the comment reply box |
---|---|
^ + ↩ | Submit the comment |
You can use Command ⌘
instead of Control ^
on Mac
Support Staff 1 Posted by Tasos Laskos on 07 May, 2015 01:49 PM
Hello, can you please grab the latest version?
This bug should be fixed in v1.1.
Cheers
PS. That site doesn't really have a user system, that form is just for show.
Tasos Laskos closed this discussion on 07 May, 2015 01:49 PM.
Marco Eberl re-opened this discussion on 07 May, 2015 02:19 PM
2 Posted by Marco Eberl on 07 May, 2015 02:19 PM
Thanks for the fast reply.
Unfortunately i get the same error in v1.1...
Support Staff 3 Posted by Tasos Laskos on 07 May, 2015 02:22 PM
Just to be safe, can you show me the error you get with v1.1 please?
4 Posted by Marco Eberl on 07 May, 2015 02:24 PM
Of course:
Support Staff 5 Posted by Tasos Laskos on 07 May, 2015 02:28 PM
Thanks, I'll investigate this issue further.
Hopefully this is a specialized case which shouldn't cause you any issues when scanning a real site, but if it does you can use alternative ways to login until I sort this out.
See: http://support.arachni-scanner.com/kb/general-use/logging-in-and-ma...
Support Staff 6 Posted by Tasos Laskos on 08 May, 2015 03:07 PM
Turns out, since the form is invisible until you click the "Login" button, the browser cannot locate it in order to submit it.
That's fair enough since for more complex login sequences it is better to use the login_script plugin, but the
autologin
plugin should have handled the situation more gracefully.Working on that now.
Support Staff 7 Posted by Tasos Laskos on 08 May, 2015 04:02 PM
Updated the plugin to fail gracefully and be informative: https://github.com/Arachni/arachni/commit/27fb09545557051294404d60b...
Updated the relevant KB article: http://support.arachni-scanner.com/kb/general-use/logging-in-and-ma...
Thanks for the feedback. :)
Tasos Laskos closed this discussion on 08 May, 2015 04:02 PM.