scan over p12 cert only website

fabio nigi

03 Jun, 2016 07:01 AM

Hi all,
I'm trying to use an Arachni scan on a p12-cert-only domain.
Via web browser and also using OWASP ZAP the system works properly and is scannable.
The problem with Arachni:
I migrated the p12 cert to PEM (it seems supported according to the documentation). The PEM file contains the private and public key with a passphrase (I tried with and without).

Here is the command:
arachni --http-ssl-key /home/fnigi/domain/cert.pem --http-ssl-key-password PASSWORD --http-ssl-key-type pem --checks=* --scope-auto-redundant --audit-forms --audit-cookies-extensively --audit-headers --audit-json --audit-ui-forms --audit-with-extra-parameter --audit-include-vector --audit-links --report-save-path /home/fnigi/ https://WEBSITE.TLD/ --output-verbose

The system doesn't want to go further and it fails on SSL. Where is the error?
I used openssl pkcs12 -in cert.p12 -out cert.pem to convert.

  1. Support Staff 1 Posted by Tasos Laskos on 03 Jun, 2016 02:57 PM

    Hello,

    Can you try specifying the certs and keys individually with each option with files that only include them rather than combine them?

    Also, what error are you seeing with your current configuration?
    You can try using --output-debug=5 to get more information about what's going on.

    On a different note, the --audit-include-vector option requires an argument and is used to whitelist input vectors by name, i.e. only input vectors whose names match the given pattern will be checked.

    Cheers

  2. 2 Posted by fabio nigi on 03 Jun, 2016 03:40 PM

    Hi Tasos,

    I tried to split the cert
    and modify the URL in this way:
    arachni https://website.com/ --authorized-by [email blocked] --http-ssl-certificate /home/fnigi/vfwfsdata/publiccert.pem --http-ssl-certificate-type pem --http-ssl-key /home/fnigi/vfwfsdata/privatekey.pem --http-ssl-key-type pem http-ssl-key-password PASSWORD --checks=* --scope-auto-redundant --audit-forms --audit-cookies-extensively --audit-headers --audit-json --audit-ui-forms --audit-with-extra-parameter --audit-links --report-save-path /home/fnigi/ --output-verbose --output-debug=5

    I used this: openssl pkcs12 -in myP12File.p12 -nocerts -out privateKey.pem
    and openssl pkcs12 -in myP12File.p12 -clcerts -nokeys -out publicCert.pem

    to generate the key (the key works properly in the browser).

    The log with debug=5:

    It goes OK until the headers check, but it fails here:

    [!!!!] [http/client#global_on_complete:586] Client: Performer: #
    [!!!!] [http/client#global_on_complete:587] Client: Status: 0
    [!!!!] [http/client#global_on_complete:588] Client: Code: ssl_connect_error
    [!!!!] [http/client#global_on_complete:589] Client: Message: SSL connect error
    [!!!!] [http/client#global_on_complete:590] Client: URL: https://THESITE.COM/
    [!!!!] [http/client#global_on_complete:591] Client: Headers:
    [!!!!] [http/client#global_on_complete:592] Client: Parsed headers: {}
    [!!!!] [http/client#global_on_complete:600] Client: ------------
    [-] Retrying for: https://THESITE.COM/ [SSL connect error]
    [!!!!] [http/client#global_on_complete:584] Client: ------------
    [!!!!] [http/client#global_on_complete:585] Client: Got response for request ID#: 9
    [!!!!] [http/client#global_on_complete:586] Client: Performer: #

  3. Support Staff 3 Posted by Tasos Laskos on 03 Jun, 2016 03:42 PM

    http-ssl-key-password needs to be --http-ssl-key-password.

  4. 4 Posted by fabio nigi on 03 Jun, 2016 03:56 PM

    Sorry Tasos, a simple typo. It's still failing:

    [!!!!] [http/client#global_on_complete:592] Client: Parsed headers: {}
    [!!!!] [http/client#global_on_complete:600] Client: ------------
    [-] [framework/parts/data#pop_page_from_url_queue:147] Giving up trying to audit: https://WEBSITE.COM/
    [-] [framework/parts/data#pop_page_from_url_queue:148] Couldn't get a response after 5 tries: SSL connect error.
    [!!!!] [http/client#global_on_complete:584] Client: ------------
    [!!!!] [http/client#global_on_complete:585] Client: Got response for request ID#: 11
    [!!!!] [http/client#global_on_complete:586] Client: Performer: #
    [!!!!] [http/client#global_on_complete:587] Client: Status: 0
    [!!!!] [http/client#global_on_complete:588] Client: Code: ssl_connect_error
    [!!!!] [http/client#global_on_complete:589] Client: Message: SSL connect error
    [!!!!] [http/client#global_on_complete:590] Client: URL: https://WEBSITE.COM/
    [!!!!] [http/client#global_on_complete:591] Client: Headers:
    [!!!!] [http/client#global_on_complete:592] Client: Parsed headers: {}
    [!!!!] [http/client#global_on_complete:600] Client: ------------
    [!!] [http/proxy_server#shutdown:68] ProxyServer: Shutting down..
    [!!!] [http/proxy_server/connection#on_close:178] Connection: Closed because: [NilClass]
    [!!] [http/proxy_server#shutdown:73] ProxyServer: Shutdown.
    [!!] [http/proxy_server#shutdown:68] ProxyServer: Shutting down..
    [!!!] [http/proxy_server/connection#on_close:178] Connection: Closed because: [NilClass]
    [!!] [http/proxy_server#shutdown:73] ProxyServer: Shutdown.
    [!!] [http/proxy_server#shutdown:68] ProxyServer: Shutting down..
    [!!!] [http/proxy_server/connection#on_close:178] Connection: Closed because: [NilClass]
    [!!] [http/proxy_server#shutdown:73] ProxyServer: Shutdown.
    [!!] [http/proxy_server#shutdown:68] ProxyServer: Shutting down..
    [!!!] [http/proxy_server/connection#on_close:178] Connection: Closed because: [NilClass]
    [!!] [http/proxy_server#shutdown:73] ProxyServer: Shutdown.
    [!!] [http/proxy_server#shutdown:68] ProxyServer: Shutting down..
    [!!!] [http/proxy_server/connection#on_close:178] Connection: Closed because: [NilClass]
    [!!] [http/proxy_server#shutdown:73] ProxyServer: Shutdown.
    [!!] [http/proxy_server#shutdown:68] ProxyServer: Shutting down..
    [!!!] [http/proxy_server/connection#on_close:178] Connection: Closed because: [NilClass]
    [!!] [http/proxy_server#shutdown:73] ProxyServer: Shutdown.
    [!] [plugin/manager#block:161]
    [!] [plugin/manager#block:162] Waiting on 4 plugins to finish:
    [!] [plugin/manager#block:163] healthmap, timing_attacks, discovery, uniformity
    [!] [plugin/manager#block:164]

  5. Support Staff 5 Posted by Tasos Laskos on 04 Jun, 2016 12:09 PM

    Can you try connecting to the site via curl with the same certs and keys that you used for Arachni?

  6. 6 Posted by fabio nigi on 05 Jun, 2016 06:38 AM

    Hi Tasos,
    thanks for the tip! I checked with curl and I was missing the CA. I added --http-ssl-ca ./ca.pem to the command and now it is scanning properly!

    Thanks,
    Fabio

  7. Support Staff 7 Posted by Tasos Laskos on 05 Jun, 2016 06:41 AM

    Glad you got it working. :)

  8. Tasos Laskos closed this discussion on 05 Jun, 2016 06:41 AM.
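
The fix in this thread was a missing CA file. The script below is an added example, not part of the original posts and not Arachni's own code: it splits a .p12 into client certificate, private key and CA PEM files, then checks them before a scan is started. It assumes the CA is bundled inside the .p12 (the thread does not say where ca.pem came from); the function names, file names and the P12_PASS variable are hypothetical.

```sh
#!/bin/sh
# Added example, not from the thread; all names and passphrases are constructed.
# The passphrase comes from $P12_PASS (env:) so it stays off the command line.

# Build a throwaway CA, a client cert and client.p12 in $1.
# $2 = with-ca bundles the CA cert into the .p12; anything else leaves it out.
make_sample_p12() (
  dir=$1 bundle=$2
  set --
  [ "$bundle" = with-ca ] && set -- -certfile "$dir/issuer.pem"
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=Constructed Test CA" \
    -keyout "$dir/ca.key" -out "$dir/issuer.pem" 2>/dev/null || exit 1
  openssl req -newkey rsa:2048 -nodes -subj "/CN=constructed-client" \
    -keyout "$dir/c.key" -out "$dir/c.csr" 2>/dev/null || exit 1
  openssl x509 -req -in "$dir/c.csr" -CA "$dir/issuer.pem" -CAkey "$dir/ca.key" \
    -CAcreateserial -days 1 -out "$dir/c.pem" 2>/dev/null || exit 1
  openssl pkcs12 -export -inkey "$dir/c.key" -in "$dir/c.pem" "$@" \
    -out "$dir/client.p12" -passout env:P12_PASS
)

# Split $1 (.p12) into client-cert.pem, client-key.pem and ca.pem under $2.
# Exit codes: 0 ok, 2 cannot read .p12, 3 no CA in bundle,
#             4 key does not match cert, 5 cert does not chain to ca.pem.
split_and_check_p12() (
  p12=$1 out=$2
  umask 077  # the extracted private key must not be group/world readable
  openssl pkcs12 -in "$p12" -passin env:P12_PASS -clcerts -nokeys \
    -out "$out/client-cert.pem" 2>/dev/null || exit 2
  openssl pkcs12 -in "$p12" -passin env:P12_PASS -nocerts \
    -passout env:P12_PASS -out "$out/client-key.pem" 2>/dev/null || exit 2
  openssl pkcs12 -in "$p12" -passin env:P12_PASS -cacerts -nokeys \
    -out "$out/ca.pem" 2>/dev/null || exit 2
  grep -q 'BEGIN CERTIFICATE' "$out/ca.pem" || exit 3
  cert_pub=$(openssl x509 -in "$out/client-cert.pem" -noout -pubkey) || exit 4
  key_pub=$(openssl pkey -in "$out/client-key.pem" -passin env:P12_PASS -pubout) || exit 4
  [ "$cert_pub" = "$key_pub" ] || exit 4
  openssl verify -CAfile "$out/ca.pem" "$out/client-cert.pem" >/dev/null 2>&1 || exit 5
)

# Demo on constructed input. The three files map to Arachni's --http-ssl-certificate,
# --http-ssl-key (with --http-ssl-key-password) and --http-ssl-ca.
export P12_PASS=constructed-pass
demo=$(mktemp -d)
make_sample_p12 "$demo" with-ca && split_and_check_p12 "$demo/client.p12" "$demo" \
  && echo "PEM files verified in $demo"
```

Exit code 3 is the case closest to this thread: the certificate and key extract cleanly, but no CA certificate comes out of the bundle, so the CA file has to be obtained separately.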
