Proxy plugin not working on windows
Hi,
I've been trying to do a web service scan as described at http://support.arachni-scanner.com/kb/general-use/service-scanning. The proxy doesn't appear to be working under windows. I've attached the log.
Thanks,
Shane
- log.txt 21.2 KB
Comments are currently closed for this discussion. You can start a new one.
Keyboard shortcuts
Generic
? | Show this help |
---|---|
ESC | Blurs the current field |
Comment Form
r | Focus the comment reply box |
---|---|
^ + ↩ | Submit the comment |
You can use Command ⌘
instead of Control ^
on Mac
Support Staff 1 Posted by Tasos Laskos on 18 May, 2016 05:45 PM
Can you try the nighties please and see if that makes a difference?
2 Posted by scorgatelli on 18 May, 2016 08:16 PM
I tried with arachni-2.0dev-1.0dev-windows-x86_64 and get the same results.
Thank you,
Shane
Support Staff 3 Posted by Tasos Laskos on 19 May, 2016 08:29 AM
It looks like it only happens with
--scope-page-limit=0
and only on MS Windows, it's pretty strange but I can at least reproduce it now.Looking into it.
Support Staff 4 Posted by Tasos Laskos on 19 May, 2016 08:43 AM
Can you retry after making sure that you kill all old Ruby processes and terminals from which you launched them?
Or specify a different port for the proxy?
5 Posted by scorgatelli on 19 May, 2016 07:16 PM
So, I killed everything and tried with a different port. Still the same result. However by changing scope-page-limit to 1, I was able run a request through the proxy and get the vectors.
Now, I have a separate issue. When running the scan using the vector_feed plugin it doesn't fuzz the XML inputs. Looking at the requests in wireshark, the element values are the same for every request. Ideally I would like to keep the username, and password parameters static and fuzz the other parameters. I've attached the vector feed. Is there a way I can make this happen?
Thanks for your help.
Support Staff 6 Posted by Tasos Laskos on 20 May, 2016 05:51 AM
As you providing any
--audit-*
options?7 Posted by scorgatelli on 20 May, 2016 02:31 PM
I've tried with both with
--audit-json --audit-xml
and without any--audit-*
options neither seem to work.Thanks
Support Staff 8 Posted by Tasos Laskos on 09 Jun, 2016 08:56 AM
Sorry for the late response.
Any chance I can have a look at that webapp?
Cheers
9 Posted by coolxia on 15 Jun, 2016 08:52 AM
I also have the same problem, but my machine is a Linux system, use --scope-page-limit=0 arachni don't work
Support Staff 10 Posted by Tasos Laskos on 16 Jun, 2016 06:36 AM
Someone opened an issue at: https://github.com/Arachni/arachni/issues/736
You can follow it to get progress on the situation.
In the meantime try setting the page limit to 1.
Cheers
Tasos Laskos closed this discussion on 03 Aug, 2016 02:23 PM.