Autologin does not work

George Gonzo

30 Jan, 2018 09:39 PM

Hello group,

When scanning a bootstrap application, I receive this error:
"-------------------------------------------------------------------------------- [2018-01-29 11:40:23 -0500] [Arachni::Session::Error::FormNotVisible] Login form is not visible in the DOM."

Although there isn't a direct URI for the login page, which seems to be an autohidden form within the main page, I was able to successfully scan the web application with Nessus' web app scan policy by using the main/landing page as the login URI.

  1. Posted by bWF0dC50b3JiaW4... on 06 Feb, 2018 06:53 PM

    George, I just found this in the docs (http://support.arachni-scanner.com/kb/general-use/logging-in-and-ma...):

    "For example, if the login form is by default hidden and requires a sequence of UI interactions in order to become visible, this plugin will not be able to submit it."

  2. Posted by bWF0dC50b3JiaW4... on 09 Feb, 2018 08:35 PM

    George, I would also like to mention that you can combine the autologin plugin with the session check at the bottom of the UI configuration (or from the command line if that's the way you're scanning).

    Reading through the source code of the plugin (/opt/arachni/components/plugins/autologin.rb), you'll see around line 56 that the session check supersedes anything that you've passed in through the plugin:

            framework.options.session.check_url     ||= response.url
            framework.options.session.check_pattern ||= @verifier
    

    Hopefully that helps.

  3. Posted by George Gonzo on 11 Feb, 2018 05:05 PM

    @bWF0dC50b3JiaW4K, thank you, it is helpful.
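
The precedence described in reply 2, modelled as an added Ruby example (not code from the thread or from Arachni). `SessionOptions`, `apply_autologin_defaults`, `logged_in?` and the sample pages are hypothetical stand-ins; only the two `||=` assignments follow the quoted plugin lines.

```ruby
# Hypothetical stand-in for framework.options.session (not Arachni's own class).
SessionOptions = Struct.new(:check_url, :check_pattern)

# Same shape as the two quoted plugin lines: `||=` only fills in a value
# that is still nil, so an explicitly configured session check is kept.
def apply_autologin_defaults(session, response_url, verifier)
  session.check_url     ||= response_url
  session.check_pattern ||= verifier
  session
end

# Hypothetical login check: look up check_url in `pages` (url => body)
# and test the body against check_pattern.
def logged_in?(session, pages)
  body = pages.fetch(session.check_url, '')
  !!(body =~ session.check_pattern)
end

# Constructed sample pages: a landing page with a hidden login form and
# an account page that is only meaningful for a logged-in session.
PAGES = {
  'http://app.example/'        => '<div id="login" style="display:none">...</div>',
  'http://app.example/account' => '<a href="/logout">Sign out</a>'
}.freeze

# No session check configured: both values come from the plugin.
def plugin_only
  apply_autologin_defaults(SessionOptions.new, 'http://app.example/', /Sign out/)
end

# Only the check URL configured: the pattern still falls back to the plugin's.
def explicit_url_only
  session = SessionOptions.new('http://app.example/account', nil)
  apply_autologin_defaults(session, 'http://app.example/', /Sign out/)
end

# Full session check configured: the plugin's values are ignored.
def explicit_check
  session = SessionOptions.new('http://app.example/account', /Sign out/)
  apply_autologin_defaults(session, 'http://app.example/', /Welcome/)
end

[plugin_only, explicit_url_only, explicit_check].each do |s|
  puts "#{s.check_url} #{s.check_pattern.inspect} logged_in=#{logged_in?(s, PAGES)}"
end
```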
