Proxy plugin not working on windows

scorgatelli's Avatar

scorgatelli

18 May, 2016 03:44 PM

Hi,

I've been trying to do a web service scan as described at http://support.arachni-scanner.com/kb/general-use/service-scanning. The proxy doesn't appear to be working under windows. I've attached the log.

Thanks,
Shane

  1. Support Staff 1 Posted by Tasos Laskos on 18 May, 2016 05:45 PM

    Tasos Laskos's Avatar

    Can you try the nighties please and see if that makes a difference?

  2. 2 Posted by scorgatelli on 18 May, 2016 08:16 PM

    scorgatelli's Avatar

    I tried with arachni-2.0dev-1.0dev-windows-x86_64 and get the same results.

    Thank you,
    Shane

  3. Support Staff 3 Posted by Tasos Laskos on 19 May, 2016 08:29 AM

    Tasos Laskos's Avatar

    It looks like it only happens with --scope-page-limit=0 and only on MS Windows, it's pretty strange but I can at least reproduce it now.

    Looking into it.

  4. Support Staff 4 Posted by Tasos Laskos on 19 May, 2016 08:43 AM

    Tasos Laskos's Avatar

    Can you retry after making sure that you kill all old Ruby processes and terminals from which you launched them?
    Or specify a different port for the proxy?

  5. 5 Posted by scorgatelli on 19 May, 2016 07:16 PM

    scorgatelli's Avatar

    So, I killed everything and tried with a different port. Still the same result. However by changing scope-page-limit to 1, I was able run a request through the proxy and get the vectors.

    Now, I have a separate issue. When running the scan using the vector_feed plugin it doesn't fuzz the XML inputs. Looking at the requests in wireshark, the element values are the same for every request. Ideally I would like to keep the username, and password parameters static and fuzz the other parameters. I've attached the vector feed. Is there a way I can make this happen?

    Thanks for your help.

  6. Support Staff 6 Posted by Tasos Laskos on 20 May, 2016 05:51 AM

    Tasos Laskos's Avatar

    As you providing any --audit-* options?

  7. 7 Posted by scorgatelli on 20 May, 2016 02:31 PM

    scorgatelli's Avatar

    I've tried with both with --audit-json --audit-xml and without any --audit-* options neither seem to work.

    ./bin/arachni http://redacted-host/service.asmx  --scope-page-limit=0 --checks="xxe,sql_injection,xpath_injection" --output-debug=3 --plugin=vector_feed:yaml
    _file=vectors.yml
    
    ./bin/arachni http://redacted-host/service.asmx  --scope-page-limit=0 --checks="xxe,sql_injection,xpath_injection" --audit-jsons --audit-xmls --output-debug=
    3 --plugin=vector_feed:yaml_file=vectors.yml
    

    Thanks

  8. Support Staff 8 Posted by Tasos Laskos on 09 Jun, 2016 08:56 AM

    Tasos Laskos's Avatar

    Sorry for the late response.

    Any chance I can have a look at that webapp?

    Cheers

  9. 9 Posted by coolxia on 15 Jun, 2016 08:52 AM

    coolxia's Avatar

    I also have the same problem, but my machine is a Linux system, use --scope-page-limit=0 arachni don't work

  10. Support Staff 10 Posted by Tasos Laskos on 16 Jun, 2016 06:36 AM

    Tasos Laskos's Avatar

    Someone opened an issue at: https://github.com/Arachni/arachni/issues/736
    You can follow it to get progress on the situation.

    In the meantime try setting the page limit to 1.

    Cheers

  11. Tasos Laskos closed this discussion on 03 Aug, 2016 02:23 PM.

Comments are currently closed for this discussion. You can start a new one.

Keyboard shortcuts

Generic

? Show this help
ESC Blurs the current field

Comment Form

r Focus the comment reply box
^ + ↩ Submit the comment

You can use Command ⌘ instead of Control ^ on Mac