2018-09-13 10:37:58 +0800 --------------------------------------------------------------------------------
ENV:
---
ALLUSERSPROFILE: C:\ProgramData
ANALYSIS_PATH: C:\Program Files (x86)\HP\LoadRunner\
APPDATA: C:\Users\kwong\AppData\Roaming
ARACHNI_FRAMEWORK_LOGDIR: C:\custom_program\arachni-1.5.1-0.5.12-windows-x86_64\system\\logs\framework
ARACHNI_WEBUI_LOGDIR: C:\custom_program\arachni-1.5.1-0.5.12-windows-x86_64\system\\logs\webui
BUNDLER_VERSION: 1.14.6
BUNDLE_BIN_PATH: C:/custom_program/arachni-1.5.1-0.5.12-windows-x86_64/system/ruby/lib/ruby/gems/2.2.0/gems/bundler-1.14.6/exe/bundle
BUNDLE_GEMFILE: C:/custom_program/arachni-1.5.1-0.5.12-windows-x86_64/system/arachni-ui-web/Gemfile
CATALINA_HOME: C:\xampp\tomcat
ChocolateyInstall: C:\ProgramData\chocolatey
ChocolateyLastPathUpdate: Tue Sep 4 11:38:57 2018
CommonProgramFiles: C:\Program Files\Common Files
CommonProgramFiles(x86): C:\Program Files (x86)\Common Files
CommonProgramW6432: C:\Program Files\Common Files
COMPUTERNAME: KUL11N0099313
ComSpec: C:\WINDOWS\system32\cmd.exe
ENV_ROOT: C:\custom_program\arachni-1.5.1-0.5.12-windows-x86_64\system\
ENV_RUBY_BIN: C:\custom_program\arachni-1.5.1-0.5.12-windows-x86_64\system\ruby\bin
ENV_WEBUI_BIN: C:\custom_program\arachni-1.5.1-0.5.12-windows-x86_64\system\arachni-ui-web\bin
ENV_WEBUI_ROOT: C:\custom_program\arachni-1.5.1-0.5.12-windows-x86_64\system\arachni-ui-web
FSHARPINSTALLDIR: C:\Program Files (x86)\Microsoft SDKs\F#\10.1\Framework\v4.0\
GEM_HOME: C:/custom_program/arachni-1.5.1-0.5.12-windows-x86_64/system/ruby/lib/ruby/gems/2.2.0
GEM_PATH: C:/custom_program/arachni-1.5.1-0.5.12-windows-x86_64/system/ruby/lib/ruby/gems/2.2.0;C:/Users/kwong/.gem/ruby/2.2.0
HELPER_SERVICE_PORT: '7979'
HOME: C:/Users/kwong
HOMEDRIVE: 'C:'
HOMEPATH: "\\Users\\kwong"
https_proxy: 10.64.150.9:8080
http_proxy: 10.64.150.9:8080
JAVA_HOME: C:\Program Files\Java\jdk1.8.0_171; C:\Program Files\Java\jdk1.8.0_171\bin
LG_PATH: C:\Program Files (x86)\HP\LoadRunner\
LOCALAPPDATA: C:\Users\kwong\AppData\Local
LOGONSERVER: "\\\\KUL11SDASSAH"
LOG_FILE: C:\Users\kwong\AppData\Local\Temp\\ihp_custom_batches.log
LR_PATH: C:\Program Files (x86)\HP\LoadRunner\
MANPATH: C:/custom_program/arachni-1.5.1-0.5.12-windows-x86_64/system/ruby/lib/ruby/gems/2.2.0/gems/kramdown-1.4.1/man
MSMPI_BIN: C:\Program Files\Microsoft MPI\Bin\
MW_HOME: C:\OracleATS\wls
NUMBER_OF_PROCESSORS: '4'
OATS_HOME: C:\OracleATS
OneDrive: C:\Users\kwong\OneDrive
OneDriveSync: C:\Users\kwong\OneDrive - World Health Organization
OS: Windows_NT
Path: C:/custom_program/arachni-1.5.1-0.5.12-windows-x86_64/system/ruby/lib/ruby/gems/2.2.0/bin;C:\custom_program\arachni-1.5.1-0.5.12-windows-x86_64\system\ruby\bin;C:\Program
Files\Microsoft MPI\Bin\;C:\Program Files\Docker\Docker\Resources\bin;C:\oraclexe\app\oracle\product\11.2.0\server\bin;;C:\Program
Files (x86)\Common Files\Oracle\Java\javapath;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program
Files (x86)\Sennheiser\SoftphoneSDK\;C:\Program Files\nodejs\;C:\Program Files (x86)\WinSCP\;C:\Program
Files (x86)\Microsoft SQL Server\140\Tools\Binn\;C:\Program Files\Microsoft SQL
Server\140\Tools\Binn\;C:\Program Files (x86)\Microsoft SQL Server\140\DTS\Binn\;C:\Program
Files\Microsoft SQL Server\140\DTS\Binn\;C:\Program Files\Microsoft SQL Server\Client
SDK\ODBC\130\Tools\Binn\;C:\Program Files (x86)\Microsoft SQL Server\Client SDK\ODBC\130\Tools\Binn\;C:\Program
Files (x86)\Microsoft SQL Server\140\Tools\Binn\ManagementStudio\;C:\Program Files\dotnet\;C:\Program
Files\Microsoft SQL Server\130\Tools\Binn\;C:\Program Files (x86)\Microsoft SQL
Server\110\DTS\Binn\;C:\Program Files (x86)\Microsoft SQL Server\120\DTS\Binn\;C:\Program
Files (x86)\Microsoft SQL Server\130\DTS\Binn\;C:\Program Files\Microsoft SQL Server\Client
SDK\ODBC\110\Tools\Binn\;C:\Program Files (x86)\Microsoft SQL Server\120\Tools\Binn\;C:\Program
Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft SQL Server\120\DTS\Binn\;C:\Program
Files (x86)\HP\LoadRunner\strawberry-perl\perl\bin;C:\Program Files\PuTTY\;C:\ProgramData\chocolatey\bin;C:\HashiCorp\Vagrant\bin;C:\Program
Files (x86)\TestingWhiz Enterprise Edition\plugins\com.cygnet.autotest_6.1.1\libs;C:\RailsInstaller\Ruby2.3.3\bin;C:\Users\kwong\AppData\Local\Microsoft\WindowsApps;C:\Users\kwong\AppData\Local\Programs\Git\cmd;C:\Program
Files\Microsoft VS Code\bin;C:\Users\kwong\AppData\Roaming\npm;C:\Users\kwong\AppData\Local\Programs\Fiddler
pathExists: '0 '
PATHEXT: ".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC"
PROCESSOR_ARCHITECTURE: AMD64
PROCESSOR_IDENTIFIER: Intel64 Family 6 Model 78 Stepping 3, GenuineIntel
PROCESSOR_LEVEL: '6'
PROCESSOR_REVISION: 4e03
ProgramData: C:\ProgramData
ProgramFiles: C:\Program Files
ProgramFiles(x86): C:\Program Files (x86)
ProgramW6432: C:\Program Files
PROMPT: "$P$G"
PSModulePath: ";C:\\Users\\kwong\\AppData\\Local\\Google\\Cloud SDK\\google-cloud-sdk\\platform\\PowerShell"
PUBLIC: C:\Users\Public
RAILS_ENV: production
RUBYLIB: C:/custom_program/arachni-1.5.1-0.5.12-windows-x86_64/system/ruby/lib/ruby/gems/2.2.0/gems/bundler-1.14.6/lib
RUBYOPT: "-rbundler/setup"
SystemDrive: 'C:'
SystemRoot: C:\WINDOWS
TEMP: C:\Users\kwong\AppData\Local\Temp
TMP: C:\Users\kwong\AppData\Local\Temp
UATDATA: C:\WINDOWS\CCM\UATData\D9F8C395-CAB8-491d-B8AC-179A1FE1BE77
USER: kwong
USERDNSDOMAIN: WIMS.WHO.INT
USERDOMAIN: WIMS
USERDOMAIN_ROAMINGPROFILE: WIMS
USERNAME: kwong
USERPROFILE: C:\custom_program\arachni-1.5.1-0.5.12-windows-x86_64\system\home
VBOX_MSI_INSTALL_PATH: C:\Program Files\Oracle\VirtualBox\
VUGEN_PATH: C:\Program Files (x86)\HP\LoadRunner\
windir: C:\WINDOWS
WL_HOME: C:\OracleATS\wls\wlserver
--------------------------------------------------------------------------------
OPTIONS:
---
audit:
parameter_values: true
exclude_vector_patterns: []
include_vector_patterns: []
link_templates: []
forms: true
browser_cluster:
local_storage: {}
wait_for_elements: {}
pool_size: 6
job_timeout: 10
worker_time_to_live: 100
ignore_images: false
screen_width: 1600
screen_height: 1200
datastore:
report_path:
http:
user_agent: Arachni/v1.5.1
request_timeout: 10000
request_redirect_limit: 5
request_concurrency: 20
request_queue_size: 100
request_headers: {}
response_max_size: 500000
cookies: {}
authentication_type: auto
proxy: 10.64.150.9:8080
proxy_host: 10.64.150.9
proxy_port: '8080'
proxy_username: kwong@who.int
proxy_password: Wlx_40466
input:
values: {}
default_values:
name: arachni_name
user: arachni_user
usr: arachni_user
pass: 5543!%arachni_secret
txt: arachni_text
num: '132'
amount: '100'
mail: arachni@email.gr
account: '12'
id: '1'
without_defaults: false
force: false
scope:
redundant_path_patterns: {}
dom_depth_limit: 5
exclude_file_extensions: []
exclude_path_patterns: []
exclude_content_patterns: []
include_path_patterns: []
restrict_paths: []
extend_paths: []
url_rewrites: {}
session: {}
checks:
- code_injection
- code_injection_php_input_wrapper
- code_injection_timing
- csrf
- file_inclusion
- ldap_injection
- no_sql_injection
- no_sql_injection_differential
- os_cmd_injection
- os_cmd_injection_timing
- path_traversal
- response_splitting
- rfi
- session_fixation
- source_code_disclosure
- sql_injection
- sql_injection_differential
- sql_injection_timing
- trainer
- unvalidated_redirect
- unvalidated_redirect_dom
- xpath_injection
- xss
- xss_dom
- xss_dom_script_context
- xss_event
- xss_path
- xss_script_context
- xss_tag
- xxe
- allowed_methods
- backdoors
- backup_directories
- backup_files
- common_admin_interfaces
- common_directories
- common_files
- directory_listing
- captcha
- cookie_set_for_parent_domain
- credit_card
- cvs_svn_users
- emails
- form_upload
- hsts
- html_objects
- http_only_cookies
- insecure_cookies
- insecure_cors_policy
- mixed_resource
- password_autocomplete
- private_ip
- ssn
- unencrypted_password_forms
- x_frame_options
- htaccess_limit
- http_put
- insecure_client_access_policy
- insecure_cross_domain_policy_access
- insecure_cross_domain_policy_headers
- interesting_responses
- localstart_asp
- origin_spoof_access_restriction_bypass
- webdav
- xst
platforms: []
plugins: {}
no_fingerprinting: false
authorized_by:
url: http://testhtml5.vulweb.com/
--------------------------------------------------------------------------------
[2018-09-13 10:37:58 +0800] [utilities#exception_jail:428] [Selenium::WebDriver::Error::WebDriverError] unexpected response, code=403, content-type="text/html"
|
Access to this website is denied
|
Access Denied
|
http://127.0.0.1:19364/session
|
Your request is blocked according to the configured access rights. |
-
who-sg008-my-sel-1 (13/Sep/2018:04:37:58 +0200)
CLIENT: 10.64.223.57 (-)
REQUEST: POST http://127.0.0.1:19364/session ([unknown])
ERROR: ERR_ACCESS_DENIED; [No Error]; [not available]; [Unknown Error Code], [No Error Detail]; Private IP Addresses; nothing, nothing; [unknown]
|
|
who-sg008-my-sel-1 - 13/Sep/2018:04:37:58 +0200
|
|
[2018-09-13 10:37:58 +0800] [utilities#exception_jail:428] C:/custom_program/arachni-1.5.1-0.5.12-windows-x86_64/system/ruby/lib/ruby/gems/2.2.0/gems/selenium-webdriver-3.0.1/lib/selenium/webdriver/remote/http/common.rb:88:in `create_response'
[2018-09-13 10:37:58 +0800] [utilities#exception_jail:428] C:/custom_program/arachni-1.5.1-0.5.12-windows-x86_64/system/ruby/lib/ruby/gems/2.2.0/gems/selenium-webdriver-3.0.1/lib/selenium/webdriver/remote/http/default.rb:86:in `request'
[2018-09-13 10:37:58 +0800] [utilities#exception_jail:428] C:/custom_program/arachni-1.5.1-0.5.12-windows-x86_64/system/ruby/lib/ruby/gems/2.2.0/gems/selenium-webdriver-3.0.1/lib/selenium/webdriver/remote/http/common.rb:59:in `call'
[2018-09-13 10:37:58 +0800] [utilities#exception_jail:428] C:/custom_program/arachni-1.5.1-0.5.12-windows-x86_64/system/ruby/lib/ruby/gems/2.2.0/gems/selenium-webdriver-3.0.1/lib/selenium/webdriver/remote/bridge.rb:653:in `raw_execute'
[2018-09-13 10:37:58 +0800] [utilities#exception_jail:428] C:/custom_program/arachni-1.5.1-0.5.12-windows-x86_64/system/ruby/lib/ruby/gems/2.2.0/gems/selenium-webdriver-3.0.1/lib/selenium/webdriver/remote/bridge.rb:124:in `create_session'
[2018-09-13 10:37:58 +0800] [utilities#exception_jail:428] C:/custom_program/arachni-1.5.1-0.5.12-windows-x86_64/system/ruby/lib/ruby/gems/2.2.0/gems/selenium-webdriver-3.0.1/lib/selenium/webdriver/remote/bridge.rb:88:in `initialize'
[2018-09-13 10:37:58 +0800] [utilities#exception_jail:428] C:/custom_program/arachni-1.5.1-0.5.12-windows-x86_64/system/ruby/lib/ruby/gems/2.2.0/gems/selenium-webdriver-3.0.1/lib/selenium/webdriver/common/driver.rb:57:in `new'
[2018-09-13 10:37:58 +0800] [utilities#exception_jail:428] C:/custom_program/arachni-1.5.1-0.5.12-windows-x86_64/system/ruby/lib/ruby/gems/2.2.0/gems/selenium-webdriver-3.0.1/lib/selenium/webdriver/common/driver.rb:57:in `for'
[2018-09-13 10:37:58 +0800] [utilities#exception_jail:428] C:/custom_program/arachni-1.5.1-0.5.12-windows-x86_64/system/ruby/lib/ruby/gems/2.2.0/gems/selenium-webdriver-3.0.1/lib/selenium/webdriver.rb:82:in `for'
[2018-09-13 10:37:58 +0800] [utilities#exception_jail:428] C:/custom_program/arachni-1.5.1-0.5.12-windows-x86_64/system/ruby/lib/ruby/gems/2.2.0/gems/arachni-1.5.1/lib/arachni/browser.rb:1109:in `selenium'
[2018-09-13 10:37:58 +0800] [utilities#exception_jail:428] C:/custom_program/arachni-1.5.1-0.5.12-windows-x86_64/system/ruby/lib/ruby/gems/2.2.0/gems/arachni-1.5.1/lib/arachni/browser.rb:1337:in `start_webdriver'
[2018-09-13 10:37:58 +0800] [utilities#exception_jail:428] C:/custom_program/arachni-1.5.1-0.5.12-windows-x86_64/system/ruby/lib/ruby/gems/2.2.0/gems/arachni-1.5.1/lib/arachni/browser.rb:187:in `initialize'
[2018-09-13 10:37:58 +0800] [utilities#exception_jail:428] C:/custom_program/arachni-1.5.1-0.5.12-windows-x86_64/system/ruby/lib/ruby/gems/2.2.0/gems/arachni-1.5.1/lib/arachni/browser_cluster/worker.rb:51:in `initialize'
[2018-09-13 10:37:58 +0800] [utilities#exception_jail:428] C:/custom_program/arachni-1.5.1-0.5.12-windows-x86_64/system/ruby/lib/ruby/gems/2.2.0/gems/arachni-1.5.1/lib/arachni/browser_cluster.rb:495:in `new'
[2018-09-13 10:37:58 +0800] [utilities#exception_jail:428] C:/custom_program/arachni-1.5.1-0.5.12-windows-x86_64/system/ruby/lib/ruby/gems/2.2.0/gems/arachni-1.5.1/lib/arachni/browser_cluster.rb:495:in `block in initialize_workers'
[2018-09-13 10:37:58 +0800] [utilities#exception_jail:428] C:/custom_program/arachni-1.5.1-0.5.12-windows-x86_64/system/ruby/lib/ruby/gems/2.2.0/gems/arachni-1.5.1/lib/arachni/browser_cluster.rb:494:in `times'
[2018-09-13 10:37:58 +0800] [utilities#exception_jail:428] C:/custom_program/arachni-1.5.1-0.5.12-windows-x86_64/system/ruby/lib/ruby/gems/2.2.0/gems/arachni-1.5.1/lib/arachni/browser_cluster.rb:494:in `initialize_workers'
[2018-09-13 10:37:58 +0800] [utilities#exception_jail:428] C:/custom_program/arachni-1.5.1-0.5.12-windows-x86_64/system/ruby/lib/ruby/gems/2.2.0/gems/arachni-1.5.1/lib/arachni/browser_cluster.rb:112:in `initialize'
[2018-09-13 10:37:58 +0800] [utilities#exception_jail:428] C:/custom_program/arachni-1.5.1-0.5.12-windows-x86_64/system/ruby/lib/ruby/gems/2.2.0/gems/arachni-1.5.1/lib/arachni/framework/parts/browser.rb:33:in `new'
[2018-09-13 10:37:58 +0800] [utilities#exception_jail:428] C:/custom_program/arachni-1.5.1-0.5.12-windows-x86_64/system/ruby/lib/ruby/gems/2.2.0/gems/arachni-1.5.1/lib/arachni/framework/parts/browser.rb:33:in `block in browser_cluster'
[2018-09-13 10:37:58 +0800] [utilities#exception_jail:428] C:/custom_program/arachni-1.5.1-0.5.12-windows-x86_64/system/ruby/lib/ruby/2.2.0/monitor.rb:211:in `mon_synchronize'
[2018-09-13 10:37:58 +0800] [utilities#exception_jail:428] C:/custom_program/arachni-1.5.1-0.5.12-windows-x86_64/system/ruby/lib/ruby/gems/2.2.0/gems/arachni-1.5.1/lib/arachni/framework/parts/browser.rb:28:in `browser_cluster'
[2018-09-13 10:37:58 +0800] [utilities#exception_jail:428] C:/custom_program/arachni-1.5.1-0.5.12-windows-x86_64/system/ruby/lib/ruby/gems/2.2.0/gems/arachni-1.5.1/lib/arachni/framework/parts/audit.rb:173:in `audit'
[2018-09-13 10:37:58 +0800] [utilities#exception_jail:428] C:/custom_program/arachni-1.5.1-0.5.12-windows-x86_64/system/ruby/lib/ruby/gems/2.2.0/gems/arachni-1.5.1/lib/arachni/framework.rb:117:in `block in run'
[2018-09-13 10:37:58 +0800] [utilities#exception_jail:428] C:/custom_program/arachni-1.5.1-0.5.12-windows-x86_64/system/ruby/lib/ruby/gems/2.2.0/gems/arachni-1.5.1/lib/arachni/utilities.rb:425:in `call'
[2018-09-13 10:37:58 +0800] [utilities#exception_jail:428] C:/custom_program/arachni-1.5.1-0.5.12-windows-x86_64/system/ruby/lib/ruby/gems/2.2.0/gems/arachni-1.5.1/lib/arachni/utilities.rb:425:in `exception_jail'
[2018-09-13 10:37:58 +0800] [utilities#exception_jail:428] C:/custom_program/arachni-1.5.1-0.5.12-windows-x86_64/system/ruby/lib/ruby/gems/2.2.0/gems/arachni-1.5.1/lib/arachni/framework.rb:117:in `run'
[2018-09-13 10:37:58 +0800] [utilities#exception_jail:428] C:/custom_program/arachni-1.5.1-0.5.12-windows-x86_64/system/ruby/lib/ruby/gems/2.2.0/gems/arachni-1.5.1/ui/cli/framework.rb:80:in `block in run'
[2018-09-13 10:37:58 +0800] [utilities#exception_jail:429]
[2018-09-13 10:37:58 +0800] [utilities#exception_jail:430] Parent:
[2018-09-13 10:37:58 +0800] [utilities#exception_jail:431] Arachni::Framework
[2018-09-13 10:37:58 +0800] [utilities#exception_jail:432]
[2018-09-13 10:37:58 +0800] [utilities#exception_jail:433] Block:
[2018-09-13 10:37:58 +0800] [utilities#exception_jail:434] #