2016-10-26 19:22:16 -0500 -------------------------------------------------------------------------------- ENV: --- CPLUS_INCLUDE_PATH: "/home/arachni/arachni-1.4/arachni-1.4-0.5.10/bin/../system/usr/include" LC_PAPER: es_SV.UTF-8 LC_ADDRESS: es_SV.UTF-8 LC_MONETARY: es_SV.UTF-8 GEM_HOME: "/home/arachni/arachni-1.4/arachni-1.4-0.5.10/system/gems" SHELL: "/bin/bash" TERM: xterm XDG_SESSION_COOKIE: b6b8893c55e4dd6186610cf90000115f-1477510432.358755-1037751034 IRBRC: "/home/arachni/arachni-1.4/arachni-1.4-0.5.10/bin/../system/usr/lib/ruby/.irbrc" SSH_CLIENT: 200.31.173.106 44833 22 LIBRARY_PATH: "/home/arachni/arachni-1.4/arachni-1.4-0.5.10/bin/../system/usr/lib:/usr/lib:/usr/local/lib" LC_NUMERIC: es_SV.UTF-8 MY_RUBY_HOME: "/home/arachni/arachni-1.4/arachni-1.4-0.5.10/bin/../system/usr/lib/ruby" SSH_TTY: "/dev/pts/0" LC_ALL: en_US.UTF-8 USER: root LD_LIBRARY_PATH: "/home/arachni/arachni-1.4/arachni-1.4-0.5.10/bin/../system/usr/lib:/usr/lib:/usr/local/lib" LC_TELEPHONE: es_SV.UTF-8 LS_COLORS: 'rs=0:di=01;34:ln=01;36:mh=00:pi=40;33:so=01;35:do=01;35:bd=40;33;01:cd=40;33;01:or=40;31;01:su=37;41:sg=30;43:ca=30;41:tw=30;42:ow=34;42:st=37;44:ex=01;32:*.tar=01;31:*.tgz=01;31:*.arj=01;31:*.taz=01;31:*.lzh=01;31:*.lzma=01;31:*.tlz=01;31:*.txz=01;31:*.zip=01;31:*.z=01;31:*.Z=01;31:*.dz=01;31:*.gz=01;31:*.lz=01;31:*.xz=01;31:*.bz2=01;31:*.bz=01;31:*.tbz=01;31:*.tbz2=01;31:*.tz=01;31:*.deb=01;31:*.rpm=01;31:*.jar=01;31:*.war=01;31:*.ear=01;31:*.sar=01;31:*.rar=01;31:*.ace=01;31:*.zoo=01;31:*.cpio=01;31:*.7z=01;31:*.rz=01;31:*.jpg=01;35:*.jpeg=01;35:*.gif=01;35:*.bmp=01;35:*.pbm=01;35:*.pgm=01;35:*.ppm=01;35:*.tga=01;35:*.xbm=01;35:*.xpm=01;35:*.tif=01;35:*.tiff=01;35:*.png=01;35:*.svg=01;35:*.svgz=01;35:*.mng=01;35:*.pcx=01;35:*.mov=01;35:*.mpg=01;35:*.mpeg=01;35:*.m2v=01;35:*.mkv=01;35:*.webm=01;35:*.ogm=01;35:*.mp4=01;35:*.m4v=01;35:*.mp4v=01;35:*.vob=01;35:*.qt=01;35:*.nuv=01;35:*.wmv=01;35:*.asf=01;35:*.rm=01;35:*.rmvb=01;35:*.flc=01;35:*.avi=01;35:*.fli=01;35:*.flv=01;35:*.gl=01;35:*.dl=01;35:*.xcf=01;35:*.xwd=01;35:*.yuv=01;35:*.cgm=01;35:*.emf=01;35:*.axv=01;35:*.anx=01;35:*.ogv=01;35:*.ogx=01;35:*.aac=00;36:*.au=00;36:*.flac=00;36:*.mid=00;36:*.midi=00;36:*.mka=00;36:*.mp3=00;36:*.mpc=00;36:*.ogg=00;36:*.ra=00;36:*.wav=00;36:*.axa=00;36:*.oga=00;36:*.spx=00;36:*.xspf=00;36:' PATH: "/home/arachni/arachni-1.4/arachni-1.4-0.5.10/system/gems/bin:/home/arachni/arachni-1.4/arachni-1.4-0.5.10/bin/../system/../bin:/home/arachni/arachni-1.4/arachni-1.4-0.5.10/bin/../system/usr/bin:/home/arachni/arachni-1.4/arachni-1.4-0.5.10/bin/../system/gems/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games" MAIL: "/var/mail/root" C_INCLUDE_PATH: "/home/arachni/arachni-1.4/arachni-1.4-0.5.10/bin/../system/usr/include" LC_IDENTIFICATION: es_SV.UTF-8 PWD: "/home/arachni/arachni-1.4/arachni-1.4-0.5.10" ARACHNI_WEBUI_LOGDIR: "/home/arachni/arachni-1.4/arachni-1.4-0.5.10/bin/../system/logs/webui" LANG: en_US.UTF-8 LC_MEASUREMENT: es_SV.UTF-8 ARACHNI_FRAMEWORK_LOGDIR: "/home/arachni/arachni-1.4/arachni-1.4-0.5.10/bin/../system/logs/framework" HOME: "/home/arachni/arachni-1.4/arachni-1.4-0.5.10/bin/../system/home/arachni" SHLVL: '1' RAILS_ENV: production DYLD_LIBRARY_PATH: "/home/arachni/arachni-1.4/arachni-1.4-0.5.10/bin/../system/usr/lib:/usr/lib:/usr/local/lib" LOGNAME: root GEM_PATH: "/home/arachni/arachni-1.4/arachni-1.4-0.5.10/bin/../system/gems" SSH_CONNECTION: 200.31.173.106 44833 46.4.132.43 22 LESSOPEN: "| /usr/bin/lesspipe %s" RUBYLIB: "/home/arachni/arachni-1.4/arachni-1.4-0.5.10/system/gems/gems/bundler-1.11.2/lib:/home/arachni/arachni-1.4/arachni-1.4-0.5.10/bin/../system/usr/lib/ruby:/home/arachni/arachni-1.4/arachni-1.4-0.5.10/bin/../system/usr/lib/ruby/site_ruby/2.2.0:/home/arachni/arachni-1.4/arachni-1.4-0.5.10/bin/../system/usr/lib/ruby/2.2.0:/home/arachni/arachni-1.4/arachni-1.4-0.5.10/bin/../system/usr/lib/ruby/2.2.0/i686-linux:/home/arachni/arachni-1.4/arachni-1.4-0.5.10/bin/../system/usr/lib/ruby/site_ruby/2.2.0/i686-linux" RUBY_VERSION: ruby-2.2.3 LC_TIME: es_SV.UTF-8 LESSCLOSE: "/usr/bin/lesspipe %s %s" LC_NAME: es_SV.UTF-8 RACK_ENV: development BUNDLE_GEMFILE: "/home/arachni/arachni-1.4/arachni-1.4-0.5.10/system/arachni-ui-web/Gemfile" _ORIGINAL_GEM_PATH: "/home/arachni/arachni-1.4/arachni-1.4-0.5.10/bin/../system/gems" BUNDLE_BIN_PATH: "/home/arachni/arachni-1.4/arachni-1.4-0.5.10/system/gems/gems/bundler-1.11.2/exe/bundle" RUBYOPT: "-rbundler/setup" MANPATH: "/home/arachni/arachni-1.4/arachni-1.4-0.5.10/system/gems/gems/kramdown-1.4.1/man" BUNDLE_ORIG_MANPATH: "/home/arachni/arachni-1.4/arachni-1.4-0.5.10/system/gems/gems/kramdown-1.4.1/man" -------------------------------------------------------------------------------- OPTIONS: --- audit: parameter_values: true exclude_vector_patterns: [] include_vector_patterns: [] link_templates: [] links: true forms: true cookies: true headers: false with_both_http_methods: true cookies_extensively: false jsons: true xmls: true ui_forms: true ui_inputs: true datastore: token: 258900a6a14625a154665290cee44eb9 session: {} scope: redundant_path_patterns: {} dom_depth_limit: 5 exclude_file_extensions: [] exclude_path_patterns: [] exclude_content_patterns: - "(?-mix:pic.php)" include_path_patterns: [] restrict_paths: [] extend_paths: [] url_rewrites: {} include_subdomains: false exclude_binaries: false https_only: false input: values: "(?i-mx:name)": arachni_name "(?i-mx:user)": arachni_user "(?i-mx:usr)": arachni_user "(?i-mx:pass)": 5543!%arachni_secret "(?i-mx:txt)": arachni_text "(?i-mx:num)": '132' "(?i-mx:amount)": '100' "(?i-mx:mail)": arachni@email.gr "(?i-mx:account)": '12' "(?i-mx:id)": '1' default_values: name: arachni_name user: arachni_user usr: arachni_user pass: 5543!%arachni_secret txt: arachni_text num: '132' amount: '100' mail: arachni@email.gr account: '12' id: '1' without_defaults: true force: false browser_cluster: local_storage: {} wait_for_elements: {} pool_size: 6 job_timeout: 100 worker_time_to_live: 50 ignore_images: true screen_width: 1600 screen_height: 1200 http: user_agent: " Arachni/v1.3.2" request_timeout: 10000 request_redirect_limit: 3 request_concurrency: 10 request_queue_size: 100 request_headers: {} response_max_size: 500000 cookies: {} checks: - code_injection - code_injection_php_input_wrapper - code_injection_timing - csrf - file_inclusion - ldap_injection - no_sql_injection - no_sql_injection_differential - os_cmd_injection - os_cmd_injection_timing - path_traversal - response_splitting - rfi - session_fixation - source_code_disclosure - sql_injection - sql_injection_differential - sql_injection_timing - trainer - unvalidated_redirect - unvalidated_redirect_dom - xpath_injection - xss - xss_dom - xss_dom_script_context - xss_event - xss_path - xss_script_context - xss_tag - xxe - allowed_methods - backdoors - backup_directories - backup_files - captcha - common_admin_interfaces - common_directories - common_files - cookie_set_for_parent_domain - credit_card - cvs_svn_users - directory_listing - emails - form_upload - hsts - htaccess_limit - html_objects - http_only_cookies - http_put - insecure_client_access_policy - insecure_cookies - insecure_cors_policy - insecure_cross_domain_policy_access - insecure_cross_domain_policy_headers - interesting_responses - localstart_asp - mixed_resource - origin_spoof_access_restriction_bypass - password_autocomplete - private_ip - ssn - unencrypted_password_forms - webdav - x_frame_options - xst platforms: [] plugins: autothrottle: discovery: healthmap: timing_attacks: uniformity: no_fingerprinting: false authorized_by: url: http://mydomain.com/ -------------------------------------------------------------------------------- [2016-10-26 19:22:16 -0500] [HTTP: 200] https://mydomain.com/sitemap.xml [2016-10-26 19:22:16 -0500] [operation_timedout] Timeout was reached [2016-10-26 22:13:25 -0500] [HTTP: 200] https://mydomain.com/get.php?did=206_arachni_trainer_455d5893bc1a1b5e0476f607eb02d0fe [2016-10-26 22:13:25 -0500] [filesize_exceeded] Maximum file size exceeded [2016-10-27 07:07:00 -0500] [NoMethodError] undefined method `relative?' for nil:NilClass [2016-10-27 07:07:00 -0500] /home/arachni/arachni-1.4/arachni-1.4-0.5.10/system/gems/gems/arachni-1.4/lib/arachni/http/cookie_jar.rb:211:in `to_uri' [2016-10-27 07:07:00 -0500] /home/arachni/arachni-1.4/arachni-1.4-0.5.10/system/gems/gems/arachni-1.4/lib/arachni/http/cookie_jar.rb:116:in `for_url' [2016-10-27 07:07:00 -0500] /home/arachni/arachni-1.4/arachni-1.4-0.5.10/system/gems/gems/arachni-1.4/lib/arachni/parser.rb:340:in `cookie_jar' [2016-10-27 07:07:00 -0500] /home/arachni/arachni-1.4/arachni-1.4-0.5.10/system/gems/gems/arachni-1.4/lib/arachni/page.rb:299:in `cookie_jar' [2016-10-27 07:07:00 -0500] /home/arachni/arachni-1.4/arachni-1.4-0.5.10/system/gems/gems/arachni-1.4/lib/arachni/framework/parts/audit.rb:119:in `audit_page' [2016-10-27 07:07:00 -0500] /home/arachni/arachni-1.4/arachni-1.4-0.5.10/system/gems/gems/arachni-1.4/lib/arachni/framework/parts/audit.rb:223:in `audit_queues' [2016-10-27 07:07:00 -0500] /home/arachni/arachni-1.4/arachni-1.4-0.5.10/system/gems/gems/arachni-1.4/lib/arachni/rpc/server/framework/multi_instance.rb:222:in `audit_queues' [2016-10-27 07:07:00 -0500] /home/arachni/arachni-1.4/arachni-1.4-0.5.10/system/gems/gems/arachni-1.4/lib/arachni/framework/parts/audit.rb:197:in `block in audit' [2016-10-27 07:07:00 -0500] /home/arachni/arachni-1.4/arachni-1.4-0.5.10/system/gems/gems/arachni-1.4/lib/arachni/framework/parts/audit.rb:177:in `loop' [2016-10-27 07:07:00 -0500] /home/arachni/arachni-1.4/arachni-1.4-0.5.10/system/gems/gems/arachni-1.4/lib/arachni/framework/parts/audit.rb:177:in `audit' [2016-10-27 07:07:00 -0500] /home/arachni/arachni-1.4/arachni-1.4-0.5.10/system/gems/gems/arachni-1.4/lib/arachni/framework.rb:117:in `block in run' [2016-10-27 07:07:00 -0500] /home/arachni/arachni-1.4/arachni-1.4-0.5.10/system/gems/gems/arachni-1.4/lib/arachni/utilities.rb:425:in `call' [2016-10-27 07:07:00 -0500] /home/arachni/arachni-1.4/arachni-1.4-0.5.10/system/gems/gems/arachni-1.4/lib/arachni/utilities.rb:425:in `exception_jail' [2016-10-27 07:07:00 -0500] /home/arachni/arachni-1.4/arachni-1.4-0.5.10/system/gems/gems/arachni-1.4/lib/arachni/framework.rb:117:in `run' [2016-10-27 07:07:00 -0500] /home/arachni/arachni-1.4/arachni-1.4-0.5.10/system/gems/gems/arachni-1.4/lib/arachni/rpc/server/framework.rb:156:in `block in run' [2016-10-27 07:07:00 -0500] [2016-10-27 07:07:00 -0500] Parent: [2016-10-27 07:07:00 -0500] Arachni::RPC::Server::Framework [2016-10-27 07:07:00 -0500] [2016-10-27 07:07:00 -0500] Block: [2016-10-27 07:07:00 -0500] # [2016-10-27 07:07:00 -0500] [2016-10-27 07:07:00 -0500] Caller: [2016-10-27 07:07:00 -0500] /home/arachni/arachni-1.4/arachni-1.4-0.5.10/system/gems/gems/arachni-1.4/lib/arachni/utilities.rb:425:in `exception_jail' [2016-10-27 07:07:00 -0500] /home/arachni/arachni-1.4/arachni-1.4-0.5.10/system/gems/gems/arachni-1.4/lib/arachni/framework.rb:117:in `run' [2016-10-27 07:07:00 -0500] /home/arachni/arachni-1.4/arachni-1.4-0.5.10/system/gems/gems/arachni-1.4/lib/arachni/rpc/server/framework.rb:156:in `block in run' [2016-10-27 07:07:00 -0500] --------------------------------------------------------------------------------