Plugin vector_feed doesnt work
Arachni cant find vulnerables with vector_feed plugin, the comandline and the yaml file like below:
./arachni http://phptest.vulnweb.com --plugin=vector_feed:yaml_file=/root/Desktop/vectors_post.yml --checks=xss* --scope-page-limit=1
vectors_post.xml:
#
# Generated by the Proxy plugin of the Arachni Web Application Security Scanner Framework.
#
# The contents of this file are formatted for use with the 'vector_feed' plugin.
# You can use this file to save and then feed these vectors back to Arachni
# without needing to operate the proxy again.
#
---
- :type: :form
:method: :post
:action: http://testphp.vulnweb.com/secured/newuser.php
:inputs:
uuname: a
upass: a
upass2: a
urname: a
ucc: a
uemail: a
uphone: a
uaddress: a
signup: signup
:source:
- :type: :header
:method: :get
:action: http://testphp.vulnweb.com/secured/newuser.php
:inputs:
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
- :type: :header
:method: :get
:action: http://testphp.vulnweb.com/secured/newuser.php
:inputs:
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
- :type: :header
:method: :get
:action: http://testphp.vulnweb.com/secured/newuser.php
:inputs:
Accept-Encoding: gzip, deflate
- :type: :header
:method: :get
:action: http://testphp.vulnweb.com/secured/newuser.php
:inputs:
From: ''
- :type: :header
:method: :get
:action: http://testphp.vulnweb.com/secured/newuser.php
:inputs:
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_2) AppleWebKit/537.36
(KHTML, like Gecko) Chrome/47.0.2526.106 Safari/537.36
- :type: :header
:method: :get
:action: http://testphp.vulnweb.com/secured/newuser.php
:inputs:
Referer: http://testphp.vulnweb.com/signup.php
- :type: :header
:method: :get
:action: http://testphp.vulnweb.com/secured/newuser.php
:inputs:
Pragma: no-cache
- :type: :header
:method: :get
:action: http://testphp.vulnweb.com/secured/newuser.php
:inputs:
Host: testphp.vulnweb.com
- :type: :header
:method: :get
:action: http://testphp.vulnweb.com/secured/newuser.php
:inputs:
Proxy-Connection: keep-alive
- :type: :header
:method: :get
:action: http://testphp.vulnweb.com/secured/newuser.php
:inputs:
Cache-Control: max-age=0
- :type: :header
:method: :get
:action: http://testphp.vulnweb.com/secured/newuser.php
:inputs:
Origin: http://testphp.vulnweb.com
- :type: :header
:method: :get
:action: http://testphp.vulnweb.com/secured/newuser.php
:inputs:
Upgrade-Insecure-Requests: '1'
- :type: :header
:method: :get
:action: http://testphp.vulnweb.com/secured/newuser.php
:inputs:
Content-Type: application/x-www-form-urlencoded
- :type: :header
:method: :get
:action: http://testphp.vulnweb.com/secured/newuser.php
:inputs:
Accept-Language: zh-CN,zh;q=0.8,en;q=0.6,zh-TW;q=0.4
Comments are currently closed for this discussion. You can start a new one.
Keyboard shortcuts
Generic
? | Show this help |
---|---|
ESC | Blurs the current field |
Comment Form
r | Focus the comment reply box |
---|---|
^ + ↩ | Submit the comment |
You can use Command ⌘
instead of Control ^
on Mac
1 Posted by KxCode on 06 Jan, 2016 09:57 AM
attached yaml file
Support Staff 2 Posted by Tasos Laskos on 06 Jan, 2016 12:19 PM
Thanks for the feedback, looking into it.
Cheers
Support Staff 3 Posted by Tasos Laskos on 06 Jan, 2016 12:33 PM
Turns out it's the scope page restriction, if you set it to 3 it will work although it shouldn't behave this way.
Support Staff 4 Posted by Tasos Laskos on 06 Jan, 2016 01:17 PM
Erm, turns out you have the wrong URL, it's http://testphp.vulnweb.com not http://phptest.vulnweb.com.
You also need to set
--scope-page-limit=0
like the plugin's description says.Cheers
Tasos Laskos closed this discussion on 06 Jan, 2016 01:17 PM.