Proxy Plugin again
Trying to browse the default main page of a website using the latest released nightly builds from today, I get the following error:
On the same site, if I click "log in", in my browser instantly appears:
Method Not Allowed
unsupported method `GET'.
WEBrick/1.3.1 (Ruby/1.9.3/2013-02-06) OpenSSL/1.0.1e at www.toysrus.com:443
There are other sites on which I get request timed-out while trying to switch to HTTPS, and the browser pops up a prompt to save the page source.
Support Staff 1 Posted by Tasos Laskos on 08 Apr, 2013 03:30 PM
Thanks for the heads up, I'll look into this soon.
Support Staff 2 Posted by Tasos Laskos on 09 Apr, 2013 05:06 PM
I fixed it and pushed some new nightlies for you, let me know how it works.
Tasos Laskos closed this discussion on 09 Apr, 2013 05:06 PM.
user021 re-opened this discussion on 09 Apr, 2013 05:51 PM
3 Posted by user021 on 09 Apr, 2013 05:54 PM
uhm, just downloaded latest but can't start the program, returns:
ruby: /lib/libc.so.6: version `GLIBC_2.14' not found (required by /root/Desktop/ad/bin/../system/usr/lib/libruby.so.1.9)
ruby: /lib/libc.so.6: version `GLIBC_2.15' not found (required by /root/Desktop/ad/bin/../system/usr/lib/libruby.so.1.9)
Support Staff 4 Posted by Tasos Laskos on 09 Apr, 2013 06:29 PM
Try updating glibc, you seem to be running an outdated version.
Tasos Laskos closed this discussion on 09 Apr, 2013 06:29 PM.
user021 re-opened this discussion on 10 Apr, 2013 11:26 AM
5 Posted by user021 on 10 Apr, 2013 11:28 AM
The night builds proxy seems to run smooth now so far, thx for the quick fix man.
user021 closed this discussion on 10 Apr, 2013 11:28 AM.
user021 re-opened this discussion on 11 Apr, 2013 12:57 PM
6 Posted by user021 on 11 Apr, 2013 12:59 PM
On some pages i still get
[-] Failed to parse '\'javascript:{_fW(_ht,1);O_LC();_Sh(\"O_c\",0)}\''.
[-] Failed to parse '\'javascript:{_fW(_ht,1);O_LC();_Sh(\"O_c\",0)}\''.
I have no clue if that can affect the quality of the audit or not, just thought of letting you know.
Support Staff 7 Posted by Tasos Laskos on 11 Apr, 2013 01:03 PM
Nah don't worry about that, Arachni lets you know when it finds something that's supposed to be a path/URL that it can't parse -- in this case it was inline JS.
PS. You needn't explicitly open the ticket when you want to add a reply, replying will open it automatically.
Tasos Laskos closed this discussion on 11 Apr, 2013 01:03 PM.
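A sketch of how a crawler can sort scraped attribute values before handing them to a URL parser, so that an inline-JS value like the one in the log above is recognised instead of failing to parse. This is an added example, not Arachni's code; `classify_href`, the category names and the `example` hosts are assumptions.

```ruby
require 'uri'

# Added illustration (not Arachni's code): sort attribute values scraped from
# a page into categories before treating any of them as a URL to follow.
SCRIPT_SCHEMES = %w[javascript vbscript data].freeze

# Returns [category, absolute_url_or_nil].
def classify_href(raw, base_url)
  # Scraped values can carry stray quotes, as in the logged value above.
  value = raw.to_s.strip.gsub(/\A['"]+|['"]+\z/, '').strip
  return [:empty, nil] if value.empty? || value.start_with?('#')

  # A leading "scheme:" decides whether this is script rather than a location.
  scheme = value[/\A([a-z][a-z0-9+.-]*):/i, 1]
  return [:inline_script, nil] if scheme && SCRIPT_SCHEMES.include?(scheme.downcase)

  begin
    absolute = URI.join(base_url, value)
  rescue URI::InvalidURIError
    return [:unparseable, nil] # worth reporting, as the scanner does
  end
  return [:unsupported_scheme, nil] unless absolute.is_a?(URI::HTTP)

  in_scope = absolute.host.to_s.casecmp?(URI(base_url).host.to_s)
  [in_scope ? :in_scope : :out_of_scope, absolute.to_s]
end

# Constructed sample input; the first value is the one from the log line.
SAMPLES = [
  %q['javascript:{_fW(_ht,1);O_LC();_Sh("O_c",0)}'],
  '/login?next=/account',
  'http://other.example/ads',
  'http://target.example/a b{c}'
].freeze

if __FILE__ == $PROGRAM_NAME
  SAMPLES.each { |s| p classify_href(s, 'http://target.example/') }
end
```
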
user021 re-opened this discussion on 13 Apr, 2013 06:52 PM
8 Posted by user021 on 13 Apr, 2013 06:52 PM
So i was chillin around, thought to test the proxy more. Fixed my target and fired up the console, the website was loading slower than i expected but thought is normal since my low connection, as i am waiting, suddenly,
noticed that some things started to repeat, i was like ...ok i'll wait a little more just to be sure it's a loop bug, looking closely at my screen, i hear the distinct noise of my hdd goin ham and since that second, i knew man, i knew that is goin for the kill !
So i started desperately to press ctrl+c and e but it did NOT stop, he said it's gonna and also prepared to stop but did not stop so i had to use the power of X to put things to an end. xD
anyway, here's my
console log: http://pastebin.com/eXMvPYjx
error log: http://pastebin.com/Nx7RLGed
Support Staff 9 Posted by Tasos Laskos on 13 Apr, 2013 10:20 PM
The error log is because you killed it, it doesn't have anything interesting in it.
The console log is interesting though, I've never seen that plugin do that; I'll try to repro it.
10 Posted by user021 on 15 Apr, 2013 06:52 PM
Btw, if you want, i could do more testing with the plugin and let you know how it goes, but only if worth, don't wanna waste your time if you think that those bugs are isolated so other people may never encounter them.
Support Staff 11 Posted by Tasos Laskos on 15 Apr, 2013 06:56 PM
Sure, any feedback is welcome. As for the bug, it needs to be fixed; preferably before the end of the month since I plan to release v0.4.2 by then.
Still not sure what's causing it though but I'll figure it out sooner or later.
Support Staff 12 Posted by Tasos Laskos on 19 Apr, 2013 12:34 PM
Seems like the fix for this won't make it into v0.4.2, sorry.
13 Posted by user021 on 19 Apr, 2013 02:11 PM
No worries man, I did it more for testing purposes to let you know.
Support Staff 14 Posted by Tasos Laskos on 01 Jun, 2013 07:48 PM
There was a weird bug in the Proxy and I think it could have caused this as well. Would you mind checking to see if the problem has gone away?
15 Posted by user021 on 03 Jun, 2013 02:19 PM
Something has changed but there are still some issues,
./arachni --audit-link --audit-forms --audit-cookies --audit-headers --fuzz-methods --link-count=0 --modules=sqli,trainer --plugin=proxy:port=8080,bind_address=127.0.0.1 -v 'http://www.altex.ro'
it takes a while to load, after the proxy stops loading, firefox ended to have ~320 mb memory, increasing little by little as time passes, however, when i open the page without the proxy, firefox use ~100 mb, increasing to ~110 mb then falling back to 100mb, my guess is that there are some strange javascript/out of scope links/redirections on the page that arachni can't handle too well
ps: sorry for late reply
16 Posted by user021 on 03 Jun, 2013 02:33 PM
sample,
why it keeps getting "Error msg: Couldn't resolve host name" ?
Support Staff 17 Posted by Tasos Laskos on 06 Jun, 2013 12:22 AM
The internal URL used for proxy resources somehow leaks into the outside. Fixing it now.
Support Staff 18 Posted by Tasos Laskos on 06 Jun, 2013 12:37 AM
Easy fix :)
https://github.com/Arachni/arachni/commit/2510ecaaba124b2a7f2ef0777...
The original bug is still there though, argh!
(And that's also the cause of the increased RAM and CPU consumption.)
19 Posted by user021 on 06 Jun, 2013 06:35 AM
I tested on another website:
./arachni --audit-link --link-count=0 --modules=trainer --plugin=proxy:port=8080,bind_address=127.0.0.1 -v --follow-subdomains 'http://www.emag.ro'
(works ok, it loads pretty fast and firefox stays at around 120mb)
however, same command, without the "--follow-subdomains" loads much harder, firefox memory usage gets up to 500mb and more, browser reporting a script that did stop working and if i want it to close : http://www.emag.ro/cache/js/homepage.js?1370455410:130 while on arachni console i see spamming
"Proxy: Ignoring, out of scope: http://arachni.proxy/panel/"
Well idk man, there seem to be many bugs related to the proxy plugin. A while ago, there was a guy who said that he uses Burp Suite in order to proxy all his requests to his "testbed" - I have no idea what that means, and after that he makes arachni scan localhost. I don't need this now, was just wondering how that is possible.
Support Staff 20 Posted by Tasos Laskos on 06 Jun, 2013 10:57 AM
The out of scope thing was fixed but it was after the nightlies had been built.
Those 2 sites share the same code which causes the same issue, requesting the following in a loop:
And because the above gets requested in a loop memory and CPU usage increases. It's a single bug that causes the rest, I can't spot the damn thing though.
The --follow-subdomains flag didn't make any difference in my tests.
About Burp, I'm not sure either.
Support Staff 21 Posted by Tasos Laskos on 06 Jun, 2013 11:15 AM
I spotted the little bugger: http://www.emag.ro/ajax/ajax_ads/2/9773
That's what's causing all the problems, not sure why yet but the hard part is over. Now that I know I'll sort it out and the rest of the issues will go away as well.
Support Staff 22 Posted by Tasos Laskos on 06 Jun, 2013 11:34 AM
And done: https://github.com/Arachni/arachni/commit/43a5d25cdf2d6eff7375ffc81...
Tasos Laskos closed this discussion on 06 Jun, 2013 11:34 AM.
Tasos Laskos re-opened this discussion on 06 Jun, 2013 09:36 PM
Support Staff 23 Posted by Tasos Laskos on 06 Jun, 2013 09:36 PM
Btw, for the last couple of days github has been timing out when trying to checkout the repositories so the build scripts keep failing. Latest nightly says it was uploaded on 05-Jun-2013, if that changes you can go ahead and download the new ones, they will include the fix.
I also pushed a commit optimizing things a bit as well: https://github.com/Arachni/arachni/commit/7c67ed29d251d7372a7712589...
This one will be in tomorrow's nightlies, hopefully.
Tasos Laskos closed this discussion on 06 Jun, 2013 09:36 PM.
user021 re-opened this discussion on 07 Jun, 2013 11:58 AM
24 Posted by user021 on 07 Jun, 2013 11:58 AM
Alright man, glad to see that you discovered what the problem was, had a feeling about ajax/js xD
I will let you know in the future if I encounter more issues. Keep up the good work : )
user021 closed this discussion on 07 Jun, 2013 11:59 AM.