tag:support.arachni-scanner.com,2012-07-01:/discussions/questions/13391-usage-of-audit-exclude-vectorArachni: Discussion 2017-07-12T10:48:55Ztag:support.arachni-scanner.com,2012-07-01:Comment/429600292017-07-11T13:34:28Z2017-07-11T13:34:30ZUsage of --audit-exclude-vector <div><p>Hello,</p>
<p>I tried to scan website <a href="http://www.artaoweb.com/services/front-end-coding/">http://www.artaoweb.com/services/front-end-coding/</a> but there is an email contact form sending multiple emails when scanned.</p>
<p>I tried to use --audit-exclude-vector to skip submitting this form, but without any success (--audit-exclude-vector=form[email], form[phone], form[message]).</p>
<p>Here´s form code:</p>
<p>-</p>
<div class="Form ContactForm"><br>
<br>
<div><br>
<div class="form AdminTableEdit PageContent">
<div class="Table">
<div class="Item">
<div class="Column">E-mail</div>
<div class="Column"></div>
</div>
<div class="Item">
<div class="Column">Phone</div>
<div class="Column"></div>
</div>
<pre>
<code><div class="Item ">
<div class="Column"><label for="form_message">Message</label></div>
<div class="Column">
<textarea cols="50" rows="10" id="form_message" name="form[message]"></textarea>
</div>
</div></code>
</pre></div>
<br>
<div class="FilesUploading"></div>
<div class="Center">Send -</div>
<p>Could you please give me an advice how to use the parameter correctly?</p>
<p>Thank you</p>
<p>K.</p>
</div>
</div>
</div></div>Kerrytag:support.arachni-scanner.com,2012-07-01:Comment/429600292017-07-11T13:40:28Z2017-07-11T13:40:28ZUsage of --audit-exclude-vector <div><p>That option will simply not audit the specific inputs, you need to exclude the resource completely, you can do that with the <a href="https://github.com/Arachni/arachni/wiki/Command-line-user-interface#scope-exclude-pattern">--scope-exclude-pattern</a> option.</p>
<p>This should work: <code>--scope-exclude-pattern=front-end-coding</code></p></div>Tasos Laskostag:support.arachni-scanner.com,2012-07-01:Comment/429600292017-07-11T13:52:11Z2017-07-11T13:52:12ZUsage of --audit-exclude-vector <div><p>Thank you for response. But if I understand correctly, it will exclude the whole page. As this contact form is on multiple pages (some corporate websites have it on all pages) it will dramatically reduce the scope of the test. Isn´t there any other option to exclude just this one form from submitting, but still audit rest of the page?</p>
<p>Thanks</p>
<p>K.</p></div>Kerrytag:support.arachni-scanner.com,2012-07-01:Comment/429600292017-07-12T10:48:51Z2017-07-12T10:48:51ZUsage of --audit-exclude-vector <div><p>Fair point, I'll update the system to skip elements if all their input vectors have been excluded.</p></div>Tasos Laskos