RPC client - proxy plugin

Regis A. Despres's Avatar

Regis A. Despres

16 Mar, 2017 12:03 AM

Hi there,

I had hard times to make proxy plugin w/the rpc client, i.e. :

  • on 1.4x version process start w/status paused but does not open proxy port
  • on 1.5 and nightly 2.0-pre it throw some exception saying roughly :
     [Arachni::RPC::Exceptions::RemoteException] undefined method `authentication_type=' for #<Arachni::OptionGroups::HTTP:0x000000022b42e0>
     /system/usr/lib/ruby/2.2.0/uri/common.rb:715:in `URI': bad argument (expected URI object or URI string) (ArgumentError)

for the record , the command line used :

arachni_rpc --plugin 'proxy:bind_address=0.0.0.0' --checks=xss* --report-save-path=report_test.afr --dispatcher-url=dispatcher:7331 "http://test.url/"

Any ideas of what I've missed ?

-- Regis A. Despres

  1. Support Staff 1 Posted by Tasos Laskos on 16 Mar, 2017 11:12 AM

    Tasos Laskos's Avatar

    Is there a backtrace to this exception?
    Also, what steps should I perform to trigger it?

    Everything is working fine for me btw.

  2. 2 Posted by Regis A. Despre... on 16 Mar, 2017 01:46 PM

    Regis A. Despres's Avatar

    Sure,

    The overall 2.0 and 1.5 trace is here: https://zerobin.net/?0619c32686ad7ee1#4uwYCbU2fcG6mwROAyicpYdj1PgGT...

    The 1.4 behavior is here : https://zerobin.net/?96131b8e198d9cee#+T6Tg4YgRT4lNPLDyyP1xezJw2BQh...
    No proxy port opened.

    Any way to debug more significantly ?

    -- Regis A. Despres

  3. Support Staff 3 Posted by Tasos Laskos on 16 Mar, 2017 07:59 PM

    Tasos Laskos's Avatar

    I think you're using a v1.4 Dispatcher with a v1.5 client, that's why you're getting the errors.
    About the proxy, how do you know that the port hasn't opened?

  4. 4 Posted by Regis A. Despre... on 16 Mar, 2017 08:20 PM

    Regis A. Despres's Avatar

    Hi,

    You're right for the 1.5 RPC Client, RPCD is an Arachni 1.4 (ruby 2.2.3p173) [x86_64-linux]
    Regarding the 1.4 , neither netstat nor lsof shows a 8282 opened and the only one opened are from the jenkins that collocate in the container.
    How can I debug a little deeper ? =)

    -- Regis A. Despres

  5. Support Staff 5 Posted by Tasos Laskos on 17 Mar, 2017 09:25 AM

    Tasos Laskos's Avatar

    Using the regular arachni executable would provide more info on what's going on.
    Also, did you try to actually connecting to the proxy?

  6. 6 Posted by Regis A. Despre... on 21 Mar, 2017 08:54 AM

    Regis A. Despres's Avatar

    Sure I tried, that was the trigger of my investigations =)
    Regarding the "regular" arachnid executable, I'm sure of what you mean.
    If you're talking about the arachni file in the bin directory, it does not support the dispatcher-url option.
    In my use case, I try to use the proxy plugin in order to talk to a external grid; that's why I used the arachni_rpc .

    -- Regis A. Despres

  7. Support Staff 7 Posted by Tasos Laskos on 21 Mar, 2017 10:51 AM

    Tasos Laskos's Avatar

    Did you try to connect to the right Grid node? The proxy will start there, not on your client machine.

    A good question would be to which node you should connect, since the CLI utility doesn't print out which node provided the scanner Instance when in Grid mode, because your use-case hadn't occurred to me.

Reply to this discussion

Internal reply

Formatting help / Preview (switch to plain text) No formatting (switch to Markdown)

Attaching KB article:

»

Attached Files

You can attach files up to 10MB

If you don't have an account yet, we need to confirm you're human and not a machine trying to post spam.

Keyboard shortcuts

Generic

? Show this help
ESC Blurs the current field

Comment Form

r Focus the comment reply box
^ + ↩ Submit the comment

You can use Command ⌘ instead of Control ^ on Mac