tag:support.arachni-scanner.com,2012-07-01:/discussions/problems/4264-api-rest-server-doesnt-end-upArachni: Discussion 2017-06-11T10:38:47Ztag:support.arachni-scanner.com,2012-07-01:Comment/425308912017-05-10T09:50:47Z2017-05-10T09:50:48Zapi rest server doesn't end up<div><p>Hi,<br>
I tried Arachni rest server against an application. I tried the Web GUI scan against the same application that finished in something like 30min.<br>
The API REST scan doesn't end up. After couple of hours, the tmp directory still growing until it's full (13Go).<br>
I tried different configurations to limitate the scan but nothing's working...</p>
<p>do you have any idea to solve my problem? i didn't find anything helpfull on the support pages :(</p>
<p>thanks,,.</p>
<p>Dave</p></div>davetag:support.arachni-scanner.com,2012-07-01:Comment/425308912017-05-12T12:31:48Z2017-05-12T12:31:48Zapi rest server doesn't end up<div><p>Are you sure that you used the same configuration for both the WebUI and the REST API scans?</p>
<p>Also, I'd like to tackle the disk-usage issue, any chance I can perform an identical scan against that website?</p></div>Tasos Laskostag:support.arachni-scanner.com,2012-07-01:Comment/425308912017-05-12T13:06:05Z2017-05-12T13:06:06Zapi rest server doesn't end up<div><p>i tried either without any configuration for the scan (just the url) and with a "json export" of the web_ui default configuration and "re import" this default json config to POST thru the rest server.<br>
I also tried alternatives configurations to limitate the scope but no success...<br>
i'm trying now with a windows machine hosting the rest server... The scan is started from 2 hours and reached 500000 requests but the temp directory seems to remain constant...</p></div>davetag:support.arachni-scanner.com,2012-07-01:Comment/425308912017-05-12T13:07:57Z2017-05-12T13:07:59Zapi rest server doesn't end up<div><p>the disk is full of those files :<br>
Arachni_Support_Database_Queue_8500_57257140_3313</p></div>davetag:support.arachni-scanner.com,2012-07-01:Comment/425308912017-05-12T13:48:46Z2017-05-12T13:48:46Zapi rest server doesn't end up<div><p>A default scan is different on the WebUI and the REST API.<br>
On the WebUI it'll use the "Default" profile, on the REST API it'll just perform a crawl since no options were specified for the scan.</p>
<p>As for the temp files, could I scan the same website to see what's going on?</p></div>Tasos Laskostag:support.arachni-scanner.com,2012-07-01:Comment/425308912017-05-12T14:20:09Z2017-05-12T14:20:10Zapi rest server doesn't end up<div><p>the site is not exposed on the internet :(<br>
I will search another application that can be exposed and try with it before...</p>
<p>my test still running (650000 requests). "temp directory" on my windows host is contained... so far so good... (10Go)</p></div>davetag:support.arachni-scanner.com,2012-07-01:Comment/425308912017-05-12T15:01:09Z2017-05-12T15:01:11Zapi rest server doesn't end up<div><p>Hi,</p>
<p>I'm working with dave. To complement the discussion, we export the default profile in json from Web-ui (that works good) and reuse it in the body of the post request to rest service.<br>
is the REST api always crawl all site ?<br>
If we can't share the site, is there any information that we can share with you to facilitate the analysis ?</p>
<p>thanks</p>
<p>regards,</p></div>Romaintag:support.arachni-scanner.com,2012-07-01:Comment/425308912017-05-13T13:09:35Z2017-05-13T13:09:35Zapi rest server doesn't end up<div><p>If the JSON profile has scope restrictions they will be enforced, the system will do what you tell it.</p>
<p>About debugging the disk usage, I'm afraid I can't do it with logs, I need to do a few scans myself.</p></div>Tasos Laskostag:support.arachni-scanner.com,2012-07-01:Comment/425308912017-05-15T09:11:47Z2017-05-15T09:11:48Zapi rest server doesn't end up<div><p>is it possible to have a brief exchange via private message? I think we can open an url to let you debug this issue but we have to secure this.</p>
<p>thanks,</p>
<p>Dave</p></div>davetag:support.arachni-scanner.com,2012-07-01:Comment/425308912017-05-16T12:09:44Z2017-05-16T12:09:44Zapi rest server doesn't end up<div><p>Sure, you can reach me at: tasos.laskos[at]arachni-scaner.com</p></div>Tasos Laskos