correct way to use login_script plugin when adding a scan using REST api

DorG's Avatar


16 Aug, 2016 02:40 PM


I am writing a client to run Arachni scans using the REST API and I want to utilize the login_script plugin but i am unable to write the JSON payload correctly. i couldn't find any REST API examples that utilize plugins.

I tried several variations, the latest being:
plugins : { "login_script" : "script=c:\loginScript.js" }

How should it be written? Should i be using the 'browser' parameter?

Also, should I put my script in the specified path on the Arachni server machine?


  1. Support Staff 1 Posted by Tasos Laskos on 16 Aug, 2016 08:12 PM

    Tasos Laskos's Avatar


    You were close:

     plugins : { "login_script" : { "script": "c:\loginScript.js" } }

    And yes, the script needs to be on the server.


  2. Tasos Laskos closed this discussion on 17 Aug, 2016 07:27 PM.

  3. DorG re-opened this discussion on 18 Aug, 2016 07:39 AM

  4. 2 Posted by DorG on 18 Aug, 2016 07:39 AM

    DorG's Avatar

    The plugin is now loaded correctly.
    the tool is still not passing the login page and i don't know why (i'm using a js very similar to the example in the 'Logging in and maintaining a valid session' page) but the original issue is solved.


  5. Support Staff 3 Posted by Tasos Laskos on 18 Aug, 2016 08:52 AM

    Tasos Laskos's Avatar

    I can't know what's going on without access to the page and the login script.
    If I were you I'd switch to a Ruby script since it allows you more control over the browser and it's more straight forward.


  6. Tasos Laskos closed this discussion on 24 Aug, 2016 12:14 PM.

Comments are currently closed for this discussion. You can start a new one.

Keyboard shortcuts


? Show this help
ESC Blurs the current field

Comment Form

r Focus the comment reply box
^ + ↩ Submit the comment

You can use Command ⌘ instead of Control ^ on Mac