tag:support.arachni-scanner.com,2012-07-01:/discussions/questions/12891-login_script-check_pattern-failingArachni: Discussion 2018-10-19T07:41:50Ztag:support.arachni-scanner.com,2012-07-01:Comment/402781882016-07-07T18:48:06Z2016-07-07T18:48:06ZLogin_Script check_pattern Failing<div><p>Could you give the <a href="http://downloads.arachni-scanner.com/nightlies/">nightlies</a> a
shot please?</p></div>Tasos Laskostag:support.arachni-scanner.com,2012-07-01:Comment/402781882016-07-07T18:54:08Z2016-07-07T18:54:09ZLogin_Script check_pattern Failing<div><p>Thank you for the incredibely fast response. I will give it a
shot right now and update you accordingly.</p>
<p>Also, is there a way to contact you directly for more of an
elaborate and specific question?</p></div>kttag:support.arachni-scanner.com,2012-07-01:Comment/402781882016-07-07T18:55:54Z2016-07-07T18:55:54ZLogin_Script check_pattern Failing<div><p>No problem.<br>
About contacting me directly, unless you're disclosing sensitive
information I prefer discussions to be public so that others can
benefit too.</p></div>Tasos Laskostag:support.arachni-scanner.com,2012-07-01:Comment/402781882016-07-07T18:57:35Z2016-07-07T18:57:35ZLogin_Script check_pattern Failing<div><p>Will open a new discussion.</p></div>kttag:support.arachni-scanner.com,2012-07-01:Comment/402781882016-07-07T19:14:01Z2016-07-07T19:14:01ZLogin_Script check_pattern Failing<div><p>I have installed the Arachni linux nightly and ran the same
argument with the same ruby scritp and the results were identical.
I encountered the same error:
<code>[components/plugins/login_scripts#set_status:99] Login
script: The script was executed successfully, but the login check
failed.</code> and the scan exits itself when the error is
returned.</p></div>kttag:support.arachni-scanner.com,2012-07-01:Comment/402781882016-07-07T19:22:40Z2016-07-07T19:22:40ZLogin_Script check_pattern Failing<div><p>Did you try the following?</p>
<pre>
<code>./bin/arachni 'http://127.0.0.2:8080/WebGoat/start.mvc' --plugin=autologin:url=http://127.0.0.2:8080/WebGoat/login.mvc,parameters='username=webgoat&password=webgoat',check='Introduction' --session-check-url=http://127.0.0.2:8080/WebGoat/service/lessonmenu.mvc --session-check-pattern=Introduction --scope-exclude-pattern='logout|login'</code>
</pre></div>Tasos Laskostag:support.arachni-scanner.com,2012-07-01:Comment/402781882016-07-07T19:27:19Z2016-07-07T19:27:20ZLogin_Script check_pattern Failing<div><p>When running that exact command:<br></p>
<pre>
<code>[utilities#exception_jail:428] Session: [Selenium::WebDriver::Error::NoSuchElementError]</code>
</pre></div>kttag:support.arachni-scanner.com,2012-07-01:Comment/402781882016-07-07T19:28:06Z2016-07-07T19:28:06ZLogin_Script check_pattern Failing<div><p>Can you show me the entire error please?</p></div>Tasos Laskostag:support.arachni-scanner.com,2012-07-01:Comment/402781882016-07-07T19:33:42Z2016-07-07T19:33:43ZLogin_Script check_pattern Failing<div><pre>
<code>[-] [utilities#exception_jail:428] Session: [Selenium::WebDriver::Error::NoSuchElementError] Error Message => 'Unable to find element with css selector 'form[role="form"][name="loginForm"][action="j_spring_security_check;jsessionid=SESSIONID"][method="POST"][style="width: 400px;"]''
caused by Request => {"headers":{"Accept":"application/json","Content-Length":"196","Content-Type":"application/json; charset=utf-8","Host":"127.0.0.1:61881","User-Agent":"Typhoeus - https://github.com/typhoeus/typhoeus"},"httpVersion":"1.1","method":"POST","post":"{\"using\":\"css selector\",\"value\":\"form[role=\\\"form\\\"][name=\\\"loginForm\\\"][action=\\\"j_spring_security_check;jsessionid=SESSIONID\\\"][method=\\\"POST\\\"][style=\\\"width: 400px;\\\"]\"}","url":"/element","urlParsed":{"anchor":"","query":"","file":"element","directory":"/","path":"/element","relative":"/element","port":"","host":"","password":"","user":"","userInfo":"","authority":"","protocol":"","source":"/element","queryKey":{},"chunks":["element"]},"urlOriginal":"/session/SESSIONELEMENT/element"} (SessionReqHand)
[-] [utilities#exception_jail:428] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/gems/selenium-webdriver-2.53.4/lib/selenium/webdriver/remote/response.rb:70:in `assert_ok'
[-] [utilities#exception_jail:428] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/gems/selenium-webdriver-2.53.4/lib/selenium/webdriver/remote/response.rb:34:in `initialize'
[-] [utilities#exception_jail:428] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/gems/selenium-webdriver-2.53.4/lib/selenium/webdriver/remote/http/common.rb:78:in `new'
[-] [utilities#exception_jail:428] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/gems/selenium-webdriver-2.53.4/lib/selenium/webdriver/remote/http/common.rb:78:in `create_response'
[-] [utilities#exception_jail:428] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/lib/arachni/selenium/webdriver/remote/typhoeus.rb:45:in `request'
[-] [utilities#exception_jail:428] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/gems/selenium-webdriver-2.53.4/lib/selenium/webdriver/remote/http/common.rb:59:in `call'
[-] [utilities#exception_jail:428] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/gems/selenium-webdriver-2.53.4/lib/selenium/webdriver/remote/bridge.rb:649:in `raw_execute'
[-] [utilities#exception_jail:428] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/gems/selenium-webdriver-2.53.4/lib/selenium/webdriver/remote/bridge.rb:627:in `execute'
[-] [utilities#exception_jail:428] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/gems/selenium-webdriver-2.53.4/lib/selenium/webdriver/remote/bridge.rb:596:in `find_element_by'
[-] [utilities#exception_jail:428] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/gems/selenium-webdriver-2.53.4/lib/selenium/webdriver/common/search_context.rb:61:in `find_element'
[-] [utilities#exception_jail:428] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/lib/arachni/browser/element_locator.rb:70:in `locate'
[-] [utilities#exception_jail:428] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/lib/arachni/element/dom/capabilities/locatable.rb:22:in `locate'
[-] [utilities#exception_jail:428] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/lib/arachni/element/form/dom.rb:39:in `trigger'
[-] [utilities#exception_jail:428] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/lib/arachni/element/dom/capabilities/submittable.rb:64:in `submit_with_browser'
[-] [utilities#exception_jail:428] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/lib/arachni/element/dom/capabilities/submittable.rb:46:in `block in prepare_callback'
[-] [utilities#exception_jail:428] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/lib/arachni/session.rb:260:in `call'
[-] [utilities#exception_jail:428] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/lib/arachni/session.rb:260:in `with_browser'
[-] [utilities#exception_jail:428] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/lib/arachni/element/dom/capabilities/submittable.rb:37:in `submit'
[-] [utilities#exception_jail:428] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/lib/arachni/session.rb:399:in `login_from_configuration'
[-] [utilities#exception_jail:428] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/lib/arachni/session.rb:245:in `block in login'
[-] [utilities#exception_jail:428] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/lib/arachni/utilities.rb:425:in `call'
[-] [utilities#exception_jail:428] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/lib/arachni/utilities.rb:425:in `exception_jail'
[-] [utilities#exception_jail:428] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/lib/arachni/session.rb:244:in `login'
[-] [utilities#exception_jail:428] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/components/plugins/autologin.rb:37:in `prepare'
[-] [utilities#exception_jail:428] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/lib/arachni/plugin/manager.rb:69:in `block (2 levels) in run'
[-] [utilities#exception_jail:428] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/lib/arachni/utilities.rb:425:in `call'
[-] [utilities#exception_jail:428] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/lib/arachni/utilities.rb:425:in `exception_jail'
[-] [utilities#exception_jail:428] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/lib/arachni/plugin/manager.rb:68:in `block in run'
[-] [utilities#exception_jail:428] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/lib/arachni/plugin/manager.rb:65:in `each'
[-] [utilities#exception_jail:428] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/lib/arachni/plugin/manager.rb:65:in `run'
[-] [utilities#exception_jail:428] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/lib/arachni/framework/parts/state.rb:348:in `prepare'
[-] [utilities#exception_jail:428] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/lib/arachni/framework.rb:110:in `run'
[-] [utilities#exception_jail:428] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/ui/cli/framework.rb:63:in `block in run'
[-] [utilities#exception_jail:429] Session:
[-] [utilities#exception_jail:430] Session: Parent:
[-] [utilities#exception_jail:431] Session: Arachni::Session
[-] [utilities#exception_jail:432] Session:
[-] [utilities#exception_jail:433] Session: Block:
[-] [utilities#exception_jail:434] Session: #<Proc:0x00000004ad4608@/root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/lib/arachni/session.rb:244>
[-] [utilities#exception_jail:435] Session:
[-] [utilities#exception_jail:436] Session: Caller:
[-] [utilities#exception_jail:437] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/lib/arachni/utilities.rb:425:in `exception_jail'
[-] [utilities#exception_jail:437] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/lib/arachni/session.rb:244:in `login'
[-] [utilities#exception_jail:437] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/components/plugins/autologin.rb:37:in `prepare'
[-] [utilities#exception_jail:437] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/lib/arachni/plugin/manager.rb:69:in `block (2 levels) in run'
[-] [utilities#exception_jail:437] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/lib/arachni/utilities.rb:425:in `call'
[-] [utilities#exception_jail:437] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/lib/arachni/utilities.rb:425:in `exception_jail'
[-] [utilities#exception_jail:437] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/lib/arachni/plugin/manager.rb:68:in `block in run'
[-] [utilities#exception_jail:437] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/lib/arachni/plugin/manager.rb:65:in `each'
[-] [utilities#exception_jail:437] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/lib/arachni/plugin/manager.rb:65:in `run'
[-] [utilities#exception_jail:437] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/lib/arachni/framework/parts/state.rb:348:in `prepare'
[-] [utilities#exception_jail:437] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/lib/arachni/framework.rb:110:in `run'
[-] [utilities#exception_jail:437] Session: /root/Desktop/arachni-2.0dev-1.0dev/system/gems/bundler/gems/arachni-5a9c9cfc1271/ui/cli/framework.rb:63:in `block in run'
[-] [utilities#exception_jail:438] Session: --------------------------------------------------------------------------------</code>
</pre>
<p>Followed by:</p>
<pre>
<code> [-] Session: The scanner has been logged out.</code>
</pre></div>kttag:support.arachni-scanner.com,2012-07-01:Comment/402781882016-07-07T19:36:57Z2016-07-07T19:36:57ZLogin_Script check_pattern Failing<div><p>Ah, got it, something must have changed between versions.<br>
Can you try using the <a href="http://support.arachni-scanner.com/kb/general-use/logging-in-and-maintaining-a-valid-session#with-browser-slow-">
browser-based login script</a>?<br>
Please use the session checks I provided in my
<code>autologin</code> example.</p></div>Tasos Laskostag:support.arachni-scanner.com,2012-07-01:Comment/402781882016-07-07T19:45:51Z2016-07-07T19:45:54ZLogin_Script check_pattern Failing<div><p>Here is my command line argument:<br></p>
<pre>
<code>./bin/arachni 'http://127.0.0.2:8080/WebGoat/start.mvc' --plugin=login_script:script=/root/arachni-1.4-0.5.10/bin/login_script.rb --session-check-url=http://127.0.0.2:8080/WebGoat/service/lessonmenu.mvc --session-check-pattern=Introduction --scope-exclude-pattern='logout|login'</code>
</pre>
Here is the output:<br>
<pre>
<code>[*] Initializing...
[*] Preparing plugins...
[~] Login script: Running the script.
[~] Login script: Execution completed.
[-] [components/plugins/login_script#set_status:99] Login script: The script was executed successfully, but the login check failed.
[~] Login script: Aborting the scan.
[*] ... done.</code>
</pre>
Here is the code:<br>
<pre>
<code>browser.goto 'http://127.0.0.2:8080/WebGoat/login.mvc'
form = browser.form( name: 'loginForm' )
form.text_field( name: 'username' ).set 'webgoat'
form.text_field( name: 'password' ).set 'webgoat'
form.submit
framework.options.session.check_url = browser.url
framework.options.session.check_pattern = /Introduction/</code>
</pre></div>kttag:support.arachni-scanner.com,2012-07-01:Comment/402781882016-07-07T19:54:31Z2016-07-07T19:54:38ZLogin_Script check_pattern Failing<div><p>Solved it.</p>
<p>In the actual ruby code I changed it to<br></p>
<pre>
<code>framework.options.session.check_pattern = /.*/</code>
</pre>
but kept the command-line argument for check_pattern<br>
<pre>
<code>--session-check-pattern=Introduction</code>
</pre>
<p>This worked out and after 5 minutes of scanning I stopped it and
saw it had properly scanned pages that required login. Thank you
for all the help. Keep up the amazing work on this Framework!</p></div>kt