or Create a profile
02 Apr, 2018 02:53 PM
Hello! I'm trying to perfom an authenticated scan, but I'm having some issues. The website I'm trying to login into is:
and the command I'm running is:
arachni http://prope.unesp.br/pibic/aluno/index.php --report-save-path=/home/amanda/arachni.afr
--plugin=autologin:url=http://prope.unesp.br/pibic/aluno/index.php, parameters="login_pibic=username&senha_pibic=password&BtAcessar=Acessar",check="Sign Off|MY ACCOUNT" --scope-exclude-pattern=logout
However, the login doesn't happen, because I can see that the tool insn't scanning the pages that exist after the login is successful; it only scans the "outside" pages. And, besides, there are some errors that appear (they can be seen in the attached images).
I was able to obtain the parameters of the autologin plugin observing the POST message with Burp Proxy.
Can someone explain what I'm doing wrong? Thanks in advance.
on 02 Apr, 2018 02:57 PM
Formatting help /
(switch to plain text)
(switch to Markdown)
You can attach files up to 10MB
If you don't have an account yet, we need to confirm you're human and not a machine trying to post spam.
A conversation has been started with the Arachni staff to resolve this discussion.
This discussion is private.
Only you and Arachni support staff can see and reply to it.
This discussion is public. Everyone can see and reply to it.
You can use Command ⌘ instead of Control ^ on Mac
Powered by Tender™.