correct way to use login_script plugin when adding a scan using REST api
Hi,
I am writing a client to run Arachni scans using the REST API and I want to utilize the login_script plugin but i am unable to write the JSON payload correctly. i couldn't find any REST API examples that utilize plugins.
I tried several variations, the latest being:
plugins : { "login_script" : "script=c:\loginScript.js" }
How should it be written? Should i be using the 'browser' parameter?
Also, should I put my script in the specified path on the Arachni server machine?
Thanks,
Dor
Comments are currently closed for this discussion. You can start a new one.
Keyboard shortcuts
Generic
| ? | Show this help |
|---|---|
| ESC | Blurs the current field |
Comment Form
| r | Focus the comment reply box |
|---|---|
| ^ + ↩ | Submit the comment |
You can use Command ⌘ instead of Control ^ on Mac
Support Staff 1 Posted by Tasos Laskos on 16 Aug, 2016 08:12 PM
Hello,
You were close:
And yes, the script needs to be on the server.
Cheers
Tasos Laskos closed this discussion on 17 Aug, 2016 07:27 PM.
DorG re-opened this discussion on 18 Aug, 2016 07:39 AM
2 Posted by DorG on 18 Aug, 2016 07:39 AM
Thanks!
The plugin is now loaded correctly.
the tool is still not passing the login page and i don't know why (i'm using a js very similar to the example in the 'Logging in and maintaining a valid session' page) but the original issue is solved.
Dor
Support Staff 3 Posted by Tasos Laskos on 18 Aug, 2016 08:52 AM
I can't know what's going on without access to the page and the login script.
If I were you I'd switch to a Ruby script since it allows you more control over the browser and it's more straight forward.
Cheers
Tasos Laskos closed this discussion on 24 Aug, 2016 12:14 PM.