This scan encountered a fatal error and stopped, the detailed report is not available.

bernhard.schelling's Avatar

bernhard.schelling

14 Apr, 2014 11:57 PM

Hi,
First of all - great work on arachni - I really like this tool!
I'm using Arachni v0.4.6 using Webui version v.0.4.3.

Until now all my scans ran successfully - but now on a certain page the scanner stops after some time and shows the message "This scan encountered a fatal error and stopped, the detailed report is not available."

Any hints where I could start looking for what went wrong? The site isn't meant to be public available yet so I'd rather would not share the link (maybe per email but not here in the discussion)

Thanks in advance!
Bernhard

  1. Support Staff 1 Posted by Tasos Laskos on 15 Apr, 2014 12:19 AM

    Tasos Laskos's Avatar

    Hey there,

    Thanks for the kinds words.

    This error occurs when the scanner process dies (well, when it no longer responds to RPC requests to be more precise) for any reason. There are a few possible causes for this:

    • The process could have been killed by a user (did someone execute killall ruby or something?).
    • The process could have been killed by the kernel (can happen when the process consumes too much RAM, unusual for v0.4.6 though). Try running dmesg and check if it says anything relevant.
    • Arachni simply has a bug and that caused the process to die, highly unusual again. Not Arachni having a bug of course, but the process dying due to it.
    • Could be a bug in the Ruby interpreter or C extension, causing a segfault and killing the process. That could have probably resulted in core dump info being visible in the terminal.

    Also, have a look under system/logs/, the logfiles could contain errors that explain this.

    Do let me know if you find anything interesting, I'd really like to fix this.

    Cheers

  2. 2 Posted by bernhard.schell... on 15 Apr, 2014 12:25 AM

    bernhard.schelling's Avatar

    wow that was quick :)

    • there is no user on the sysstem, i run it on a ec2 micro instance on AWS
    • then.. you got it: [7650736.459010] Out of memory: Kill process 28701 (ruby) score 751 or sacrifice child [7650736.459027] Killed process 28701 (ruby) total-vm:1151756kB, anon-rss:470844kB, file-rss:0kB

    anything i can do about it? I will upgrade the instance to a bigger one and try again.
    THANKS

  3. Support Staff 3 Posted by Tasos Laskos on 15 Apr, 2014 12:34 AM

    Tasos Laskos's Avatar

    Well, 470MB isn't that bad but I see that the micro instance has only 615MB, you better switch to a bigger instance otherwise scans will keep dying unexpectedly.

    However, you could try lowering the --http-queue-size[1] option to lower RAM consumption but there's no guarantee that it'll stay low enough for the duration of the scan so as to not be killed by the kernel again.

    Cheers

    [1] https://github.com/Arachni/arachni/wiki/Command-line-user-interface...

  4. Tasos Laskos closed this discussion on 15 Apr, 2014 11:01 PM.

  5. bernhard.schelling re-opened this discussion on 16 Apr, 2014 10:06 PM

  6. 4 Posted by bernhard.schell... on 16 Apr, 2014 10:06 PM

    bernhard.schelling's Avatar

    just fyi - switched to a medium instance, no more problems.
    Would be nice if available ram would be checked on startup and a warning issued :)

  7. Support Staff 5 Posted by Tasos Laskos on 16 Apr, 2014 10:09 PM

    Tasos Laskos's Avatar

    That'd be impossible, there's no way to know how much RAM any given scan is going to consume. It all depends on the webpage.

  8. Tasos Laskos closed this discussion on 16 Apr, 2014 10:45 PM.

Comments are currently closed for this discussion. You can start a new one.

Keyboard shortcuts

Generic

? Show this help
ESC Blurs the current field

Comment Form

r Focus the comment reply box
^ + ↩ Submit the comment

You can use Command ⌘ instead of Control ^ on Mac