or Create a profile

Home Problems

Why not allow localhost scans

Matt's Avatar

Matt

26 Apr, 2017 09:32 PM

I'd like to be able to scan via localhost and/or 127.0.0.1 so that I can test my web app before it goes live. Is there any technical reason why I loopback scanning is not allowed?
I've tried using 127.0.0.2 per these support issues: 12687 and 12704 but this did not work. Here's the stack trace that was given on upon failure:

/arachni-build-dir/arachni/system/gems/bundler/gems/arachni-d641941154fe/lib/arachni/options.rb:223:in `url=': Loopback interfaces (like 127.0.0.2) are not supported, please use a different IP address or hostname. (Arachni::Options::Error::ReservedHostname)
    from /arachni-build-dir/arachni/system/gems/bundler/gems/arachni-d641941154fe/ui/cli/framework/option_parser.rb:701:in `after_parse'
    from /arachni-build-dir/arachni/system/gems/bundler/gems/arachni-d641941154fe/ui/cli/option_parser.rb:75:in `parse'
    from /arachni-build-dir/arachni/system/gems/bundler/gems/arachni-d641941154fe/ui/cli/framework.rb:426:in `parse_options'
    from /arachni-build-dir/arachni/system/gems/bundler/gems/arachni-d641941154fe/ui/cli/framework.rb:32:in `initialize'
    from /arachni-build-dir/arachni/system/gems/bundler/gems/arachni-d641941154fe/bin/arachni:12:in `new'
    from /arachni-build-dir/arachni/system/gems/bundler/gems/arachni-d641941154fe/bin/arachni:12:in `<top (required)>'
    from /arachni-build-dir/arachni/bin/../system/arachni-ui-web/bin/arachni:17:in `load'
    from /arachni-build-dir/arachni/bin/../system/arachni-ui-web/bin/arachni:17:in `<main>'
Arachni - Web Application Security Scanner Framework v2.0dev
   Author: Tasos "Zapotek" Laskos <[email blocked]>

           (With the support of the community and the Arachni Team.)

   Website:       http://arachni-scanner.com
   Documentation: http://arachni-scanner.com/wiki

  1. 1 Posted by Mak on 27 Apr, 2017 06:15 AM

    Mak's Avatar

    I have the same issue. Please help!

  2. Support Staff 2 Posted by Tasos Laskos on 27 Apr, 2017 10:20 AM

    Tasos Laskos's Avatar

    PhantonJS disregards the proxy when making requests to loopback interfaces so Arachni can't control it. This isn't an issue though as you can use any local interface or hostname, just not loopback ones.

  3. Tasos Laskos closed this discussion on 27 Apr, 2017 10:20 AM.

Comments are currently closed for this discussion. You can start a new one.

  • New Issue

  • Conversation Started

  • The discussion is closed

    No more actions from Arachni or the discussion starter are required.

  • Re-open the discussion

Private Permissions

This discussion is private. Only you and Arachni support staff can see and reply to it.

Public Permissions

This discussion is public. Everyone can see and reply to it.

Keyboard shortcuts

Generic

? Show this help
ESC Blurs the current field

Comment Form

r Focus the comment reply box
^ + ↩ Submit the comment

You can use Command ⌘ instead of Control ^ on Mac

Recent Discussions

29 Jul, 2024 06:44 AM Dear arachni-scanner.com Owner.
15 Feb, 2024 09:48 AM Arachni download
12 Jan, 2024 12:01 AM We're sorry, but something went wrong.
19 Oct, 2023 06:03 PM Error - Not able Scan /ruby/lib/ruby/gems/2.7.0/gems/arachni-1.6.1.3/lib/arachni/rpc/server/framework.rb:156:in `block in run'
12 Aug, 2023 11:04 AM Error when launching arachni_web

Recent Articles

Optimizing for faster scans
Service scanning
Software as a Service (Saas)