Recording login via proxy plugin
Hi, first off thanks for creating Arachni, it is very useful.
Here is my problem: I run Arachni from my Linux box and SSH to it from my Windows desktop via PuTTY. I run Arachni from the command line, which I would normally script, but I also use the proxy_plugin to allow me to record a login session. As far as I can tell there is no way to script this part, it appears to be only interactive.
So what I do is log into the Linux box via PuTTY and run Arachni from the command line enabling the proxy, Then from Windows set my browser proxy to the Linux/Aracni instance, browse to login page, hit record, log in, browse around a bit, stop record, then shutdown the proxy,. The scan is now running and displaying in the PuTTY session.
This particular scan takes quite a while (+14 hours) and my problem is that my PuTTY session will terminate (or timeout) after a period of time killing the scan. I have tried to configure the keepalive in PuTTY but that did not work.
So, I would like to know if there is a way to enable the proxy plugin, and record the login session (saving it somehow), so that I can run the scan via script and call the recorded login session. Or, something along those lines.
I'm also looking into another SSH client that won't disconnect. I've never had this problem with PuTTY before, so I'm not sure why it is doing this.
Thanks
Comments are currently closed for this discussion. You can start a new one.
Keyboard shortcuts
Generic
? | Show this help |
---|---|
ESC | Blurs the current field |
Comment Form
r | Focus the comment reply box |
---|---|
^ + ↩ | Submit the comment |
You can use Command ⌘
instead of Control ^
on Mac
Support Staff 1 Posted by Tasos Laskos on 12 Jun, 2015 10:00 PM
Hello,
You're very welcome. :)
There are multiple solutions for your particular problem.
First of all, about the PuTTy thing, your best choice is to use the
screen
utility to run arachni in the background, then even if you get disconnected you can connect again and attach to Arachni'sscreen
session to keep observing its progress.You can also use the WebUI which will give you the same functionality but let you manage the scan via a nice interface.
With regards to the login, the best choice would be to use one of the alternative automated ways, like the
autologin
orlogin_script
(this one doesn't work over the WebUI) plugins.For that you can consult the relevant KB article.
Btw, the support portal automatically attaches KB articles that thinks are pertinent to the question (like in this case) so in the future you can check that out while you're waiting for a response, it can usually save you some time.
Let me know if my suggestions solve your problem.
Cheers
Tasos Laskos closed this discussion on 30 Sep, 2015 02:55 PM.