or Create a profile

Home Problems

Arachni seems to be not scanning

chris's Avatar

chris

06 Aug, 2014 02:55 PM

Hello, there!

I'm running arachni (against a vulnerabilty test site) and it seems to be not scanning the site. And don't has raised any errors.

Below the output (also I've attached an output file) of the command "arachni http://http://testphp.vulnweb.com --debug".

Any tips? Thanks!

Arachni - Web Application Security Scanner Framework v0.4.7
Author: Tasos "Zapotek" Laskos [email blocked]

       (With the support of the community and the Arachni Team.)

Website: http://arachni-scanner.com Documentation: http://arachni-scanner.com/wiki

[~] No modules were specified. [~] -> Will run all mods.

[~] No audit options were specified. [~] -> Will audit links, forms and cookies.

[*] Initialising... [*] Waiting for plugins to settle... [!] HTTP: ------------ [!] HTTP: Queued request. [!] HTTP: ID#: 0 [!] HTTP: URL: http://testphp.vulnweb.com/ [!] HTTP: Method: get [!] HTTP: Params: [!] HTTP: Headers: {"Accept"=>"text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Encoding"=>"gzip, deflate", "User-Agent"=>"Arachni/v0.4.7"} [!] HTTP: Train?: false [!] HTTP: ------------ [!] HTTP: ------------ [!] HTTP: Got response for request ID#: 0 [!] HTTP: Status: 200 [!] HTTP: Error msg: No error [!] HTTP: URL: http://testphp.vulnweb.com/ [!] HTTP: Headers: HTTP/1.1 200 OK
Server: nginx/1.4.1
Date: Wed, 06 Aug 2014 14:52:10 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.3.10-1~lucid+2uwsgi2
Content-Encoding: gzip

[!] HTTP: Parsed headers: {"Server"=>"nginx/1.4.1", "Date"=>"Wed, 06 Aug 2014 14:52:10 GMT", "Content-Type"=>"text/html", "Transfer-Encoding"=>"chunked", "Connection"=>"keep-alive", "X-Powered-By"=>"PHP/5.3.10-1~lucid+2uwsgi2", "Content-Encoding"=>"gzip"} [!] HTTP: ------------ [*] Spider: [HTTP: 200] http://testphp.vulnweb.com/ [~] Identified as: nginx, php [!] [!] Waiting on the following (6) plugins to finish: [!] autothrottle, healthmap, discovery, timing_attacks, uniformity, resolver [!] [*] Resolver: Resolving hostnames... [*] Resolver: Done! [!] [!] Waiting on the following (5) plugins to finish: [!] healthmap, discovery, timing_attacks, uniformity, resolver [!]

[*] Dumping audit results in '2014-08-06 15.52.13 +0100.afr'. [*] Done!

[+] Web Application Security Report - Arachni Framework

[~] Report generated on: 2014-08-06 15:52:13 +0100 [~] Report false positives at: http://github.com/Arachni/arachni/issues

[+] System settings: [~] --------------- [~] Version: 0.4.7 [~] Revision: 0.2.8 [~] Audit started on: Wed Aug 6 15:52:10 2014 [~] Audit finished on: Wed Aug 6 15:52:11 2014 [~] Runtime: 00:00:01

[~] URL: http://testphp.vulnweb.com/ [~] User agent: Arachni/v0.4.7

[*] Audited elements: [~] * Links [~] * Forms [~] * Cookies

[*] Modules: code_injection, code_injection_php_input_wrapper, code_injection_timing, csrf, file_inclusion, ldapi, os_cmd_injection, os_cmd_injection_timing, path_traversal, response_splitting, rfi, session_fixation, source_code_disclosure, sqli, sqli_blind_rdiff, sqli_blind_timing, trainer, unvalidated_redirect, xpath, xss, xss_event, xss_path, xss_script_tag, xss_tag, allowed_methods, backdoors, backup_files, common_directories, common_files, directory_listing, captcha, credit_card, cvs_svn_users, emails, form_upload, html_objects, http_only_cookies, insecure_cookies, mixed_resource, password_autocomplete, private_ip, ssn, unencrypted_password_forms, htaccess_limit, http_put, interesting_responses, localstart_asp, webdav, x_forwarded_for_access_restriction_bypass, xst

[~] ===========================

[+] 0 issues were detected.

[+] Plugin data: [~] ---------------

[*] Health map [~] ~~~~~~~~~~~~~~ [~] Description: Generates a simple list of safe/unsafe URLs.

[~] Legend: [+] No issues [-] Has issues

[+] http://testphp.vulnweb.com/

[~] Total: 1 [+] Without issues: 1 [-] With issues: 0 ( 0% )

[~] 0.0% [=> ] 100% [~] Est. remaining time: --:--:--

[~] Crawling, discovered 1 pages and counting.

[~] Sent 1 requests. [~] Received and analyzed 1 responses. [~] In 00:00:01 [~] Average: 0 requests/second.

[~] Burst response time total 0 [~] Burst response count total 0 [~] Burst average response time 0 [~] Burst average 0 requests/second [~] Timed-out requests 0 [~] Original max concurrency 20 [~] Throttled max concurrency 20

  1. 1 Posted by chris on 06 Aug, 2014 04:13 PM

    chris's Avatar

    Nervermind. Seems to be a problem with my shell environment. I'm using ZSH.

    I'll keep you posted.

    Thanks.

  2. Tasos Laskos closed this discussion on 11 Aug, 2014 01:05 PM.

Comments are currently closed for this discussion. You can start a new one.

  • New Issue

  • Conversation Started

  • The discussion is closed

    No more actions from Arachni or the discussion starter are required.

  • Re-open the discussion

Private Permissions

This discussion is private. Only you and Arachni support staff can see and reply to it.

Public Permissions

This discussion is public. Everyone can see and reply to it.

Keyboard shortcuts

Generic

? Show this help
ESC Blurs the current field

Comment Form

r Focus the comment reply box
^ + ↩ Submit the comment

You can use Command ⌘ instead of Control ^ on Mac

Recent Discussions

14 Apr, 2025 04:47 PM REMOTE ACCESS
29 Jul, 2024 06:44 AM Dear arachni-scanner.com Owner.
15 Feb, 2024 09:48 AM Arachni download
12 Jan, 2024 12:01 AM We're sorry, but something went wrong.
19 Oct, 2023 06:03 PM Error - Not able Scan /ruby/lib/ruby/gems/2.7.0/gems/arachni-1.6.1.3/lib/arachni/rpc/server/framework.rb:156:in `block in run'

Recent Articles

Optimizing for faster scans
Service scanning
Software as a Service (Saas)