what's wrong with my test ?

patrick.demasson's Avatar

patrick.demasson

08 Sep, 2016 10:11 AM

i'm new with arachni, i'm using ZAP.
i test it on DVWA, there is a logging form.
what i have done :

.\bin\arachni http://10.203.4.148/DVWA-1.9/login.php --plugin=proxy --scope-exclude-pattern=logout

i log in DVWA and go throw XSS and SQLi urls, stop the proxy and the scan is launched.

arachni find nothing on those urls, only CSRF ??
proxy mode is enought to login DVWA or i have to write a logging script ?

  1. Support Staff 1 Posted by Tasos Laskos on 08 Sep, 2016 10:12 AM

    Tasos Laskos's Avatar

    I'm not sure, can you give the nightlies a try?

  2. 2 Posted by patrick.demasso... on 08 Sep, 2016 02:57 PM

    patrick.demasson's Avatar

    done, same issue

Reply to this discussion

Internal reply

Formatting help / Preview (switch to plain text) No formatting (switch to Markdown)

Attaching KB article:

»

Attached Files

You can attach files up to 10MB

If you don't have an account yet, we need to confirm you're human and not a machine trying to post spam.

Keyboard shortcuts

Generic

? Show this help
ESC Blurs the current field

Comment Form

r Focus the comment reply box
^ + ↩ Submit the comment

You can use Command ⌘ instead of Control ^ on Mac