Unable to export logged vectors from Proxy plugin

Frank's Avatar

Frank

19 Feb, 2016 10:44 PM

I'm in the process of testing out the proxy plugin, and have run into an issue exporting the logged vectors.

The error message is:

Service Unavailable
invalid byte sequence in US-ASCII

I noticed in the Discovered Elements several instances of:

"We're sorry, but something went wrong (500)..."

All are links to PNG and JPG files in the application.

Please assist.

  1. Support Staff 1 Posted by Tasos Laskos on 20 Feb, 2016 09:34 AM

    Tasos Laskos's Avatar

    Hello,

    Is there a backtrace printed somewhere?
    Either in the browser or the console?

    Cheers

  2. 2 Posted by Frank on 20 Feb, 2016 06:05 PM

    Frank's Avatar

    Hello Tasos,

    There was no backtrace in the browser. Just the HTML response I indicated:

    Service Unavailable
    invalid byte sequence in US-ASCII

    If I run the curl command

    curl —proxy http://localhost:8282 http://arachni.proxy/panel/vectors.yml -o vectors.yml
    
    I get the same HTML response in the vectors.yml file.

    In the console for the proxy plugin, the only message indicated that it was exporting the vectors. No message of an error.

    I was running the proxy with the default debug level of 1.

  3. Support Staff 3 Posted by Tasos Laskos on 20 Feb, 2016 06:31 PM

    Tasos Laskos's Avatar

    It just dawned on me, you're not using the latest version right?
    I don't think that error message would appear in 1.4.

  4. 4 Posted by Frank on 22 Feb, 2016 04:25 PM

    Frank's Avatar

    Yes. This issue was with version 1.3.

    When attempting to startup Arachni 1.4 with the proxy plugin, the scanner spawns 6 browsers and never connects to port 8282. I checked the ports via ss -ant and tried to POST a request through the proxy. I received a message curl: (7) Failed to connect to localhost port 8282: Connection refused.

    Below is what is shown when executing the following command

    Arachni - Web Application Security Scanner Framework v1.4
       Author: Tasos "Zapotek" Laskos <[email blocked]>

           (With the support of the community and the Arachni Team.)
    
    
    
    
    Website: http://arachni-scanner.com Documentation: http://arachni-scanner.com/wiki
    [~] No element audit options were specified, will audit links, forms, cookies, UI inputs, UI forms, JSONs and XMLs.
    [*] Initializing... [*] Preparing plugins... [*] ... done. [*] BrowserCluster: Initializing 6 browsers... [*] BrowserCluster: Spawned #1 with PID 20063 [lifeline at PID 20060]. [*] BrowserCluster: Spawned #2 with PID 20086 [lifeline at PID 20083]. [*] BrowserCluster: Spawned #3 with PID 20109 [lifeline at PID 20106]. [*] BrowserCluster: Spawned #4 with PID 20132 [lifeline at PID 20129]. [*] BrowserCluster: Spawned #5 with PID 20155 [lifeline at PID 20152]. [*] BrowserCluster: Spawned #6 with PID 20178 [lifeline at PID 20175]. [*] BrowserCluster: Initialization completed with 6 browsers in the pool.

    Update: The proxy finally started connecting to port 8282 in version 1.4, and I was able to export the vectors.

    Any insight on why the proxy couldn't connect?

  5. Support Staff 5 Posted by Tasos Laskos on 22 Feb, 2016 04:50 PM

    Tasos Laskos's Avatar

    No idea, maybe it was an one time thing, I guess a random bind failure could happen.

    Glad you got it working though.

    Cheers

  6. Tasos Laskos closed this discussion on 22 Feb, 2016 04:50 PM.

Comments are currently closed for this discussion. You can start a new one.

Keyboard shortcuts

Generic

? Show this help
ESC Blurs the current field

Comment Form

r Focus the comment reply box
^ + ↩ Submit the comment

You can use Command ⌘ instead of Control ^ on Mac