2017-06-19 19:10:40 -0400 -------------------------------------------------------------------------------- ENV: --- ALLUSERSPROFILE: C:\ProgramData APPDATA: C:\Users\cjh84778\AppData\Roaming ARACHNI_FRAMEWORK_LOGDIR: C:\Arachni\system\\logs\framework ARACHNI_WEBUI_LOGDIR: C:\Arachni\system\\logs\webui asl.log: Destination=file BUNDLER_VERSION: 1.14.6 BUNDLE_BIN_PATH: C:/Arachni/system/ruby/lib/ruby/gems/2.2.0/gems/bundler-1.14.6/exe/bundle BUNDLE_GEMFILE: C:/Arachni/system/arachni-ui-web/Gemfile CLIENTNAME: NGV8CSCDGSSH7 CommonProgramFiles: C:\Program Files\Common Files CommonProgramFiles(x86): C:\Program Files (x86)\Common Files CommonProgramW6432: C:\Program Files\Common Files COMPUTERNAME: NG00234305 ComSpec: C:\Windows\system32\cmd.exe DEFLOGDIR: C:\ProgramData\McAfee\DesktopProtection ENV_ROOT: C:\Arachni\system\ ENV_RUBY_BIN: C:\Arachni\system\ruby\bin ENV_WEBUI_BIN: C:\Arachni\system\arachni-ui-web\bin ENV_WEBUI_ROOT: C:\Arachni\system\arachni-ui-web FP_NO_HOST_CHECK: 'NO' GEM_HOME: C:/Arachni/system/ruby/lib/ruby/gems/2.2.0 GEM_PATH: C:/Arachni/system/ruby/lib/ruby/gems/2.2.0;H:/.gem/ruby/2.2.0 HOME: H:/ HOMEDRIVE: 'H:' HOMEPATH: "\\" HOMESHARE: "\\\\dgsnas2\\home\\ccauthorne" LDMS_LOCAL_DIR: C:\Program Files (x86)\LANDesk\LDClient\Data LDMS_PREFERRED_SERVER: WAP01237.cov.virginia.gov LOCALAPPDATA: C:\Users\cjh84778\AppData\Local LOGONSERVER: "\\\\COVENICES-ADC41" MANPATH: C:/Arachni/system/ruby/lib/ruby/gems/2.2.0/gems/kramdown-1.4.1/man NUMBER_OF_PROCESSORS: '8' OS: Windows_NT Path: C:/Arachni/system/ruby/lib/ruby/gems/2.2.0/bin;C:\Arachni\system\ruby\bin;%SystemRoot%\system32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\ProgramData\Oracle\Java\javapath;C:\Oracle32;C:\Oracle\product\11.2.0\client_1;C:\Oracle\product\11.2.0\client_1\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Bitvise Tunnelier;C:\Program Files\TortoiseSVN\bin;C:\Program Files (x86)\GNU\GnuPG\pub;C:\Program Files (x86)\Intel\UCRT\;C:\Program Files\Intel\UCRT\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\RailsInstaller\Git\cmd;C:\RailsInstaller\Ruby2.3.0\bin pathExists: '0 ' PATHEXT: ".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC" PROCESSOR_ARCHITECTURE: AMD64 PROCESSOR_IDENTIFIER: Intel64 Family 6 Model 60 Stepping 3, GenuineIntel PROCESSOR_LEVEL: '6' PROCESSOR_REVISION: 3c03 ProgramData: C:\ProgramData ProgramFiles: C:\Program Files ProgramFiles(x86): C:\Program Files (x86) ProgramW6432: C:\Program Files PROMPT: "$P$G" PSModulePath: C:\Users\cjh84778\Documents\WindowsPowerShell\Modules;C:\Windows\system32\WindowsPowerShell\v1.0\Modules\ PUBLIC: C:\Users\Public RAILS_ENV: production RUBYLIB: C:/Arachni/system/ruby/lib/ruby/gems/2.2.0/gems/bundler-1.14.6/lib RUBYOPT: "-rbundler/setup" SESSIONNAME: RDP-Tcp#0 SystemDrive: 'C:' SystemRoot: C:\Windows TEMP: C:\Users\cjh84778\AppData\Local\Temp TMP: C:\Users\cjh84778\AppData\Local\Temp TNS_ADMIN: "\\\\dgsnas2\\Install\\Oracle\\network\\admin" USER: cjh84778 USERDNSDOMAIN: COV.VIRGINIA.GOV USERDOMAIN: COV USERNAME: cjh84778 USERPROFILE: C:\Arachni\system\home VSEDEFLOGDIR: C:\ProgramData\McAfee\DesktopProtection windir: C:\Windows windows_tracing_flags: '3' windows_tracing_logfile: C:\BVTBin\Tests\installpackage\csilogfile.log -------------------------------------------------------------------------------- OPTIONS: --- audit: parameter_values: true exclude_vector_patterns: [] include_vector_patterns: [] link_templates: [] links: true forms: true cookies: true ui_inputs: true ui_forms: true jsons: true xmls: true browser_cluster: local_storage: {} wait_for_elements: {} pool_size: 6 job_timeout: 10 worker_time_to_live: 100 ignore_images: false screen_width: 1600 screen_height: 1200 datastore: report_path: http: user_agent: Arachni/v1.5.1 request_timeout: 10000 request_redirect_limit: 5 request_concurrency: 20 request_queue_size: 100 request_headers: {} response_max_size: 500000 cookies: {} authentication_type: auto input: values: {} default_values: name: arachni_name user: arachni_user usr: arachni_user pass: 5543!%arachni_secret txt: arachni_text num: '132' amount: '100' mail: arachni@email.gr account: '12' id: '1' without_defaults: false force: false scope: redundant_path_patterns: {} dom_depth_limit: 5 exclude_file_extensions: [] exclude_path_patterns: [] exclude_content_patterns: [] include_path_patterns: [] restrict_paths: [] extend_paths: [] url_rewrites: {} session: {} checks: - code_injection - code_injection_php_input_wrapper - code_injection_timing - csrf - file_inclusion - ldap_injection - no_sql_injection - no_sql_injection_differential - os_cmd_injection - os_cmd_injection_timing - path_traversal - response_splitting - rfi - session_fixation - source_code_disclosure - sql_injection - sql_injection_differential - sql_injection_timing - trainer - unvalidated_redirect - unvalidated_redirect_dom - xpath_injection - xss - xss_dom - xss_dom_script_context - xss_event - xss_path - xss_script_context - xss_tag - xxe - allowed_methods - backdoors - backup_directories - backup_files - common_admin_interfaces - common_directories - common_files - directory_listing - captcha - cookie_set_for_parent_domain - credit_card - cvs_svn_users - emails - form_upload - hsts - html_objects - http_only_cookies - insecure_cookies - insecure_cors_policy - mixed_resource - password_autocomplete - private_ip - ssn - unencrypted_password_forms - x_frame_options - htaccess_limit - http_put - insecure_client_access_policy - insecure_cross_domain_policy_access - insecure_cross_domain_policy_headers - interesting_responses - localstart_asp - origin_spoof_access_restriction_bypass - webdav - xst platforms: [] plugins: {} no_fingerprinting: false authorized_by: url: https://lims.dgs.virginia.gov/ -------------------------------------------------------------------------------- [2017-06-19 19:10:40 -0400] [framework/parts/audit#audit_page:89] [HTTP: 200] https://lims.dgs.virginia.gov/support/dld/vcredist_x86.exe [2017-06-19 19:10:40 -0400] [framework/parts/audit#audit_page:90] [filesize_exceeded] Maximum file size exceeded [2017-06-19 19:10:52 -0400] [framework/parts/audit#audit_page:89] [HTTP: 200] https://lims.dgs.virginia.gov/support/dld%5CSTARLIMS.Client.Prerequisites.exe [2017-06-19 19:10:52 -0400] [framework/parts/audit#audit_page:90] [filesize_exceeded] Maximum file size exceeded [2017-06-19 19:11:00 -0400] [framework/parts/audit#audit_page:89] [HTTP: 200] https://lims.dgs.virginia.gov/support/dld/CRRuntime_32bit_13_0.msi [2017-06-19 19:11:00 -0400] [framework/parts/audit#audit_page:90] [filesize_exceeded] Maximum file size exceeded