Login_Script check_pattern Failing

kt's Avatar

kt

07 Jul, 2016 06:44 PM

Tasos, although I am new to Arachni, you have done extraordinary work on this Framework.

I have been working on a Login_Script against WebGoat on a Kali Linux VM. I have tried multiple patterns to use as the check pattern, but the only time the script works is when I use '/.*/' which does not properly handle logging in during the scan. I have read multiple discussions, including ones specifically about login_script and WebGoat, but have come up with nothing but errors. The only error I see when I add a different check_pattern: [components/plugins/login_scripts#set_status:99] Login script: The script was executed successfully, but the login check failed.

Here is my current login_script.rb that I am running:

response = http.get( 'http://127.0.0.2:8080/WebGoat/login.mvc',
   parameters:  {
        'username' => 'webgoat',
        'password' => 'webgoat'
   },
   mode:   :sync,
   update_cookies:   true
)
framework.options.session.check_url = 'http://127.0.0.2:8080/WebGoat/start.mvc' # I have tried multiple check_url arguments including /lessonmenu.mvc which you provided in another post about WebGoat
framework.options.session.check_pattern = /.*/

Current command-line arguments I am running:

./arachni http://127.0.0.2:8080/WebGoat --plugin=login_script:script=/path/to/script/login_script.rb
  1. Support Staff 1 Posted by Tasos Laskos on 07 Jul, 2016 06:48 PM

    Tasos Laskos's Avatar

    Could you give the nightlies a shot please?

  2. 2 Posted by kt on 07 Jul, 2016 06:54 PM

    kt's Avatar

    Thank you for the incredibely fast response. I will give it a shot right now and update you accordingly.

    Also, is there a way to contact you directly for more of an elaborate and specific question?

  3. Support Staff 3 Posted by Tasos Laskos on 07 Jul, 2016 06:55 PM

    Tasos Laskos's Avatar

    No problem.
    About contacting me directly, unless you're disclosing sensitive information I prefer discussions to be public so that others can benefit too.

  4. 4 Posted by kt on 07 Jul, 2016 06:57 PM

    kt's Avatar

    Will open a new discussion.

  5. 5 Posted by kt on 07 Jul, 2016 07:14 PM

    kt's Avatar

    I have installed the Arachni linux nightly and ran the same argument with the same ruby scritp and the results were identical. I encountered the same error: [components/plugins/login_scripts#set_status:99] Login script: The script was executed successfully, but the login check failed. and the scan exits itself when the error is returned.

  6. Support Staff 6 Posted by Tasos Laskos on 07 Jul, 2016 07:22 PM

    Tasos Laskos's Avatar

    Did you try the following?

    ./bin/arachni 'http://127.0.0.2:8080/WebGoat/start.mvc' --plugin=autologin:url=http://127.0.0.2:8080/WebGoat/login.mvc,parameters='username=webgoat&password=webgoat',check='Introduction' --session-check-url=http://127.0.0.2:8080/WebGoat/service/lessonmenu.mvc --session-check-pattern=Introduction --scope-exclude-pattern='logout|login'
    
  7. 7 Posted by kt on 07 Jul, 2016 07:27 PM

    kt's Avatar

    When running that exact command:

    [utilities#exception_jail:428] Session: [Selenium::WebDriver::Error::NoSuchElementError]
    
  8. Support Staff 8 Posted by Tasos Laskos on 07 Jul, 2016 07:28 PM

    Tasos Laskos's Avatar

    Can you show me the entire error please?

  9. 9 Posted by kt on 07 Jul, 2016 07:33 PM

    kt's Avatar
    [-] [utilities#exception_jail:428] Session: [Selenium::WebDriver::Error::NoSuchElementError] Error Message => 'Unable to find element with css selector 'form[role="form"][name="loginForm"][action="j_spring_security_check;jsessionid=SESSIONID"][method="POST"][style="width: 400px;"]''
     caused by Request => {"headers":{"Accept":"application/json","Content-Length":"196","Content-Type":"application/json; charset=utf-8","Host":"127.0.0.1:61881","User-Agent":"Typhoeus - https://github.com/typhoeus/typhoeus"},"httpVersion":"1.1","method":"POST","post":"{\"using\":\"css selector\",\"value\":\"form[role=\\\"form\\\"][name=\\\"loginForm\\\"][action=\\\"j_spring_security_check;jsessionid=SESSIONID\\\"][method=\\\"POST\\\"][style=\\\"width: 400px;\\\"]\"}","url":"/element","urlParsed":{"anchor":"","query":"","file":"element","directory":"/","path":"/element","relative":"/element","port":"","host":"","password":"","user":"","userInfo":"","authority":"","protocol":"","source":"/element","queryKey":{},"chunks":["element"]},"urlOriginal":"/session/SESSIONELEMENT/element"} (SessionReqHand)
     [-] [utilities#exception_jail:428] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/gems/selenium-webdriver-2.53.4/lib/selenium/webdriver/remote/response.rb:70:in `assert_ok'
     [-] [utilities#exception_jail:428] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/gems/selenium-webdriver-2.53.4/lib/selenium/webdriver/remote/response.rb:34:in `initialize'
     [-] [utilities#exception_jail:428] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/gems/selenium-webdriver-2.53.4/lib/selenium/webdriver/remote/http/common.rb:78:in `new'
     [-] [utilities#exception_jail:428] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/gems/selenium-webdriver-2.53.4/lib/selenium/webdriver/remote/http/common.rb:78:in `create_response'
     [-] [utilities#exception_jail:428] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/lib/arachni/selenium/webdriver/remote/typhoeus.rb:45:in `request'
     [-] [utilities#exception_jail:428] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/gems/selenium-webdriver-2.53.4/lib/selenium/webdriver/remote/http/common.rb:59:in `call'
     [-] [utilities#exception_jail:428] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/gems/selenium-webdriver-2.53.4/lib/selenium/webdriver/remote/bridge.rb:649:in `raw_execute'
     [-] [utilities#exception_jail:428] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/gems/selenium-webdriver-2.53.4/lib/selenium/webdriver/remote/bridge.rb:627:in `execute'
     [-] [utilities#exception_jail:428] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/gems/selenium-webdriver-2.53.4/lib/selenium/webdriver/remote/bridge.rb:596:in `find_element_by'
     [-] [utilities#exception_jail:428] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/gems/selenium-webdriver-2.53.4/lib/selenium/webdriver/common/search_context.rb:61:in `find_element'
     [-] [utilities#exception_jail:428] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/lib/arachni/browser/element_locator.rb:70:in `locate'
     [-] [utilities#exception_jail:428] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/lib/arachni/element/dom/capabilities/locatable.rb:22:in `locate'
     [-] [utilities#exception_jail:428] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/lib/arachni/element/form/dom.rb:39:in `trigger'
     [-] [utilities#exception_jail:428] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/lib/arachni/element/dom/capabilities/submittable.rb:64:in `submit_with_browser'
     [-] [utilities#exception_jail:428] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/lib/arachni/element/dom/capabilities/submittable.rb:46:in `block in prepare_callback'
     [-] [utilities#exception_jail:428] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/lib/arachni/session.rb:260:in `call'
     [-] [utilities#exception_jail:428] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/lib/arachni/session.rb:260:in `with_browser'
     [-] [utilities#exception_jail:428] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/lib/arachni/element/dom/capabilities/submittable.rb:37:in `submit'
     [-] [utilities#exception_jail:428] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/lib/arachni/session.rb:399:in `login_from_configuration'
     [-] [utilities#exception_jail:428] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/lib/arachni/session.rb:245:in `block in login'
     [-] [utilities#exception_jail:428] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/lib/arachni/utilities.rb:425:in `call'
     [-] [utilities#exception_jail:428] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/lib/arachni/utilities.rb:425:in `exception_jail'
     [-] [utilities#exception_jail:428] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/lib/arachni/session.rb:244:in `login'
     [-] [utilities#exception_jail:428] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/components/plugins/autologin.rb:37:in `prepare'
     [-] [utilities#exception_jail:428] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/lib/arachni/plugin/manager.rb:69:in `block (2 levels) in run'
     [-] [utilities#exception_jail:428] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/lib/arachni/utilities.rb:425:in `call'
     [-] [utilities#exception_jail:428] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/lib/arachni/utilities.rb:425:in `exception_jail'
     [-] [utilities#exception_jail:428] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/lib/arachni/plugin/manager.rb:68:in `block in run'
     [-] [utilities#exception_jail:428] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/lib/arachni/plugin/manager.rb:65:in `each'
     [-] [utilities#exception_jail:428] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/lib/arachni/plugin/manager.rb:65:in `run'
     [-] [utilities#exception_jail:428] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/lib/arachni/framework/parts/state.rb:348:in `prepare'
     [-] [utilities#exception_jail:428] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/lib/arachni/framework.rb:110:in `run'
     [-] [utilities#exception_jail:428] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/ui/cli/framework.rb:63:in `block in run'
     [-] [utilities#exception_jail:429] Session: 
     [-] [utilities#exception_jail:430] Session: Parent:
     [-] [utilities#exception_jail:431] Session: Arachni::Session
     [-] [utilities#exception_jail:432] Session: 
     [-] [utilities#exception_jail:433] Session: Block:
     [-] [utilities#exception_jail:434] Session: #<Proc:0x00000004ad4608@/root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/lib/arachni/session.rb:244>
     [-] [utilities#exception_jail:435] Session: 
     [-] [utilities#exception_jail:436] Session: Caller:
     [-] [utilities#exception_jail:437] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/lib/arachni/utilities.rb:425:in `exception_jail'
     [-] [utilities#exception_jail:437] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/lib/arachni/session.rb:244:in `login'
     [-] [utilities#exception_jail:437] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/components/plugins/autologin.rb:37:in `prepare'
     [-] [utilities#exception_jail:437] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/lib/arachni/plugin/manager.rb:69:in `block (2 levels) in run'
     [-] [utilities#exception_jail:437] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/lib/arachni/utilities.rb:425:in `call'
     [-] [utilities#exception_jail:437] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/lib/arachni/utilities.rb:425:in `exception_jail'
     [-] [utilities#exception_jail:437] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/lib/arachni/plugin/manager.rb:68:in `block in run'
     [-] [utilities#exception_jail:437] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/lib/arachni/plugin/manager.rb:65:in `each'
     [-] [utilities#exception_jail:437] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/lib/arachni/plugin/manager.rb:65:in `run'
     [-] [utilities#exception_jail:437] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/lib/arachni/framework/parts/state.rb:348:in `prepare'
     [-] [utilities#exception_jail:437] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/lib/arachni/framework.rb:110:in `run'
     [-] [utilities#exception_jail:437] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/ui/cli/framework.rb:63:in `block in run'
     [-] [utilities#exception_jail:438] Session: --------------------------------------------------------------------------------
    

    Followed by:

     [-] Session: The scanner has been logged out.
    
  10. Support Staff 10 Posted by Tasos Laskos on 07 Jul, 2016 07:36 PM

    Tasos Laskos's Avatar

    Ah, got it, something must have changed between versions.
    Can you try using the browser-based login script?
    Please use the session checks I provided in my autologin example.

  11. 11 Posted by kt on 07 Jul, 2016 07:45 PM

    kt's Avatar

    Here is my command line argument:

    ./bin/arachni 'http://127.0.0.2:8080/WebGoat/start.mvc' --plugin=login_script:script=/root/arachni-1.4-0.5.10/bin/login_script.rb --session-check-url=http://127.0.0.2:8080/WebGoat/service/lessonmenu.mvc --session-check-pattern=Introduction --scope-exclude-pattern='logout|login'
    
    Here is the output:
    [*] Initializing...
     [*] Preparing plugins...
     [~] Login script: Running the script.
     [~] Login script: Execution completed.
     [-] [components/plugins/login_script#set_status:99] Login script: The script was executed successfully, but the login check failed.
     [~] Login script: Aborting the scan.
     [*] ... done.
    
    Here is the code:
    browser.goto 'http://127.0.0.2:8080/WebGoat/login.mvc'
    form = browser.form( name: 'loginForm' )
    form.text_field( name: 'username' ).set 'webgoat'
    form.text_field( name: 'password' ).set 'webgoat'
    form.submit
    framework.options.session.check_url = browser.url
    framework.options.session.check_pattern  = /Introduction/
    
  12. 12 Posted by kt on 07 Jul, 2016 07:54 PM

    kt's Avatar

    Solved it.

    In the actual ruby code I changed it to

    framework.options.session.check_pattern  = /.*/
    
    but kept the command-line argument for check_pattern
    --session-check-pattern=Introduction
    

    This worked out and after 5 minutes of scanning I stopped it and saw it had properly scanned pages that required login. Thank you for all the help. Keep up the amazing work on this Framework!

  13. Tasos Laskos closed this discussion on 08 Jul, 2016 04:34 AM.

Comments are currently closed for this discussion. You can start a new one.

Keyboard shortcuts

Generic

? Show this help
ESC Blurs the current field

Comment Form

r Focus the comment reply box
^ + ↩ Submit the comment

You can use Command ⌘ instead of Control ^ on Mac