tag:support.arachni-scanner.com,2012-07-01:/discussions/questions/14359-service-scanning-using-rest-apiArachni: Discussion 2018-10-19T07:42:03Ztag:support.arachni-scanner.com,2012-07-01:Comment/442891242017-12-13T09:35:19Z2018-01-30T10:21:12Zservice scanning using REST api.<div><p>I am trying to perform service scanning using REST API using the below data in the body.<br>
I am able to do it using the command line.<br>
I need help to do this using the API. How and where should I specify the proxy address and port and use a browser to walk through the application before starting the scan?</p>
<pre>
<code>{
"url" : "http://demo.testfire.net/",
"http" : {
"user_agent" : "Arachni/v2.0dev",
"request_timeout" : 10000,
"request_redirect_limit" : 5,
"request_concurrency" : 20,
"request_queue_size" : 100,
"request_headers" : {},
"response_max_size" : 500000,
"cookies" : {}
},
"audit" : {
"parameter_values" : true,
"exclude_vector_patterns" : [],
"include_vector_patterns" : [],
"link_templates" : []
},
"input" : {
"values" : {},
"default_values" : {
"(?i-mx:name)" : "arachni_name",
"(?i-mx:user)" : "arachni_user",
"(?i-mx:usr)" : "arachni_user",
"(?i-mx:pass)" : "5543!%arachni_secret",
"(?i-mx:txt)" : "arachni_text",
"(?i-mx:num)" : "132",
"(?i-mx:amount)" : "100",
"(?i-mx:mail)" : "arachni@email.gr",
"(?i-mx:account)" : "12",
"(?i-mx:id)" : "1"
},
"without_defaults" : false,
"force" : false
},
"browser_cluster" : {
"wait_for_elements" : {},
"pool_size" : 6,
"job_timeout" : 25,
"worker_time_to_live" : 100,
"ignore_images" : false,
"screen_width" : 1600,
"screen_height" : 1200
},
"scope" : {
"redundant_path_patterns" : {},
"dom_depth_limit" : 5,
"exclude_path_patterns" : [],
"exclude_content_patterns" : [],
"include_path_patterns" : [],
"restrict_paths" : [],
"extend_paths" : [],
"url_rewrites" : {}
},
"session" : {},
"checks" : ["*"],
"platforms" : [],
"plugins" : {},
"no_fingerprinting" : false,
"authorized_by" : null
}</code>
</pre></div>praveen.kumartag:support.arachni-scanner.com,2012-07-01:Comment/442891242017-12-14T05:09:55Z2017-12-14T05:09:56Zservice scanning using REST api.<div><p>I am trying something similar. Can someone help on this?</p></div>kumartag:support.arachni-scanner.com,2012-07-01:Comment/442891242017-12-19T16:20:38Z2017-12-19T16:20:38Zservice scanning using REST api.<div><p>Try:</p>
<pre>
<code>{
"plugins": {
"proxy": {
// Set options as usual.
"port": 9999
}
}
}</code>
</pre></div>Tasos Laskostag:support.arachni-scanner.com,2012-07-01:Comment/442891242017-12-19T16:21:31Z2017-12-19T16:21:31Zservice scanning using REST api.<div><p>About using the browsers, you train Arachni using something external via that proxy, Arachni can't crawl services.</p></div>Tasos Laskostag:support.arachni-scanner.com,2012-07-01:Comment/442891242017-12-21T07:01:33Z2018-01-30T10:21:12Zservice scanning using REST api.<div><p>Thanks for the response.<br>
I want to proxy some traffic through Arachni Rest API Client,<br>
I used the following Config when I tried to initiate a scan(via. API), but it doesn't seem to be working:<br>
POST: http://localhost:7331/scans</p>
<p>{ "url" : "<a href="http://taget-site.xyz/">http://taget-site.xyz/</a>", "plugins": { "port": 9090, "address": "127.0.0.1" } }</p>
<p>Am I making a mistake somewhere?<br>
I have attached a screeshot of the error.</p>
<p>Thanks.</p></div>praveen.kumartag:support.arachni-scanner.com,2012-07-01:Comment/442891242017-12-21T07:31:47Z2017-12-21T07:31:47Zservice scanning using REST api.<div><p>You missed the <code>proxy</code> plugin, under which the options should be defined, you've set them for the entire <code>plugins</code> section.</p></div>Tasos Laskostag:support.arachni-scanner.com,2012-07-01:Comment/442891242017-12-21T09:18:58Z2018-01-30T10:21:12Zservice scanning using REST api.<div><p>I am able to proxy the traffic from the browser with this.<br>
<code>{ "url" : "http://demo.testfire.net/", "plugins" : { "proxy": { "port": 9090, "address": "127.0.0.1" } } }</code></p>
<p>how can i stop the proxy and resume the scan through the API?</p>
<pre>
<code> "status": "paused",
"busy": true,
"seed": "4bbef28d30ae512e1437562218167ceb",
"statistics": {
"http": {
"request_count": 35,
"response_count": 35,</code>
</pre></div>praveen.kumartag:support.arachni-scanner.com,2012-07-01:Comment/442891242017-12-21T09:21:10Z2017-12-21T09:21:10Zservice scanning using REST api.<div><p>You need to request <a href="http://arachni.proxy/shutdown">http://arachni.proxy/shutdown</a> via the proxy.</p></div>Tasos Laskostag:support.arachni-scanner.com,2012-07-01:Comment/442891242017-12-21T09:31:23Z2018-01-30T10:21:12Zservice scanning using REST api.<div><p>It works! Thanks a lot.</p></div>praveen.kumar