How can I record user actions

grigoriya

21 Feb, 2013 05:31 AM

Hello,

I am a novice in this type of testing, so please excuse me if my question is too basic. I would like to train the tool to follow user steps during the scan. Looks like I should be able to achieve my goal using the Proxy plugin. How can I record my actions?

Thank you,

Grigoriy

  1. Support Staff 1 Posted by Tasos Laskos on 21 Feb, 2013 02:04 PM

    Sort of depends, if you want to record macros for whatever reason then you can't do that (except for login sequences, that's supported).
    If you want to tell the proxy to start the training then you don't have to, it already does that on its own.

    Does that answer your question?

  2. 2 Posted by Grigoriy on 21 Feb, 2013 06:46 PM

    I think so...

    I will start the WebUI, add the Proxy plugin, enable the proxy in my browser, launch my application and start navigating through pages. I will start the scanner using the main link to my application after that.

    Is my description correct?

  3. Support Staff 3 Posted by Tasos Laskos on 21 Feb, 2013 06:53 PM

    1. Start the WebUI.
    2. Enable the proxy plugin.
    3. Start the scan -- It will be paused immediately by the proxy plugin so that you'll get time to train it.
    4. Configure a browser to use the Proxy.
    5. Navigate around and when you're done hit the shutdown button in the little control panel at the top to stop the proxy and start the scan.
    6. Remove the Proxy settings from the browser and go back to the WebUI to monitor the scan's progress.
  4. 4 Posted by MiikaH on 22 Feb, 2013 12:09 AM

    I am not able to get proxy plugin to work. What I did:
    1. Start WebUI
    2. Enable proxy plugin -> tried a couple of different kinds of IPs: 0.0.0.0:8282 and 127.0.0.1:8282
    3. Started the scan
    4. Configured my browser to use the Proxy:
    --> now when entering any URL to my web browser, I always get an error page. My browser is not able to connect to the proxy at all.

    Any pointers?

  5. Support Staff 5 Posted by Tasos Laskos on 22 Feb, 2013 12:14 AM

    Easiest way would be to just use another browser to train Arachni or an extension like FoxyProxy. The different browser approach is simpler and faster.

  6. 6 Posted by Grigoriy on 22 Feb, 2013 05:51 AM

    I followed all steps using two tabs of Firefox. I was able to navigate to my site after I configured the proxy, but http://localhost:4567 stopped responding with a "Connection was reset" error after I clicked on the Shutdown button.

    I restarted the tool and tried again. This time I used two separate Firefox browser sessions. I configured the Proxy in the window with my application. http://localhost:4567 stopped responding again after I clicked on Shutdown. I removed the Proxy settings and refreshed the shutdown page. The following error was displayed on the page http://localhost:4567/instance/localhost:61195/shutdown:

    TypeError
    "61195/shutdown" is not a class/module

    Backtrace

    /usr/lib/ruby/gems/1.9.1/gems/eventmachine-1.0.0/lib/eventmachine.rb:1511:in `klass_from_handler'
    /usr/lib/ruby/gems/1.9.1/gems/eventmachine-1.0.0/lib/eventmachine.rb:658:in `bind_connect'
    /usr/lib/ruby/gems/1.9.1/gems/eventmachine-1.0.0/lib/eventmachine.rb:640:in `connect'
    /usr/lib/ruby/gems/1.9.1/gems/arachni-rpc-em-0.1.2/lib/arachni/rpc/em/client.rb:237:in `connect'
    /usr/lib/ruby/gems/1.9.1/gems/arachni-rpc-em-0.1.2/lib/arachni/rpc/em/client.rb:243:in `block in call_async'
    /usr/lib/ruby/gems/1.9.1/gems/eventmachine-1.0.0/lib/eventmachine.rb:248:in `call'
    /usr/lib/ruby/gems/1.9.1/gems/eventmachine-1.0.0/lib/eventmachine.rb:248:in `schedule'
    /usr/lib/ruby/gems/1.9.1/gems/arachni-rpc-em-0.1.2/lib/arachni/rpc/em/client.rb:241:in `call_async'
    /usr/lib/ruby/gems/1.9.1/gems/arachni-rpc-em-0.1.2/lib/arachni/rpc/em/client.rb:228:in `call'
    /usr/lib/ruby/gems/1.9.1/gems/arachni-rpc-0.1.2/lib/arachni/rpc/remote_object_mapper.rb:59:in `method_missing'
    /usr/lib/ruby/gems/1.9.1/gems/arachni-0.4.1.3/lib/arachni/ui/web/server.rb:1075:in `block in <class:Server>'
    /usr/lib/ruby/gems/1.9.1/gems/async_sinatra-1.0.0/lib/sinatra/async.rb:145:in `block in async_runner'
    /usr/lib/ruby/gems/1.9.1/gems/async_sinatra-1.0.0/lib/sinatra/async.rb:156:in `catch'
    /usr/lib/ruby/gems/1.9.1/gems/async_sinatra-1.0.0/lib/sinatra/async.rb:156:in `block in async_catch_execute'
    /usr/lib/ruby/gems/1.9.1/gems/arachni-0.4.1.3/lib/arachni/ui/web/server.rb:40:in `async_handle_exception'
    /usr/lib/ruby/gems/1.9.1/gems/async_sinatra-1.0.0/lib/sinatra/async.rb:155:in `async_catch_execute'
    /usr/lib/ruby/gems/1.9.1/gems/async_sinatra-1.0.0/lib/sinatra/async.rb:124:in `block in async_schedule'
    /usr/lib/ruby/gems/1.9.1/gems/eventmachine-1.0.0/lib/eventmachine.rb:959:in `call'
    /usr/lib/ruby/gems/1.9.1/gems/eventmachine-1.0.0/lib/eventmachine.rb:959:in `block in run_deferred_callbacks'
    /usr/lib/ruby/gems/1.9.1/gems/eventmachine-1.0.0/lib/eventmachine.rb:956:in `times'


    Thanks a lot,

    Grigoriy

  7. Support Staff 7 Posted by Tasos Laskos on 26 Feb, 2013 06:01 PM

    I'm sorry for the late response, your post was erroneously marked as spam. I'll look into the issue and get back to you.

  8. Support Staff 8 Posted by Tasos Laskos on 26 Feb, 2013 06:21 PM

    Hm, this bug is rooted in the old WebUI which has been replaced with the new web interface for the next version; you should give it a shot, it's in the nightly packages.

    Btw, if by Firefox sessions you mean simply another window then the proxy settings would have been shared and you'd experience the confusing behavior you came across; you should use a Firefox instance with a different profile[1] or a different browser altogether.

    [1] firefox -ProfileManager -new-instance and create a new "Arachni proxy" profile which you'll use to set up the proxy and navigate the webapp.
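
The separate-profile setup suggested in this thread, scripted as an added example that is not part of the original discussion or of Arachni: it writes the proxy settings into a throwaway Firefox profile so the browser used for the WebUI never inherits them. The function names, the temporary profile directory and the plain-HTTP target are assumptions; 127.0.0.1:8282 is the proxy address tried earlier in the thread.

```shell
#!/bin/sh
# Added example: keep the Arachni proxy settings in a throwaway Firefox profile.
# Function names and the temporary profile directory are assumptions made for
# this illustration; host and port default to the values tried in the thread.
PROXY_HOST="${PROXY_HOST:-127.0.0.1}"
PROXY_PORT="${PROXY_PORT:-8282}"

# Write a user.js that points only this profile at the proxy.
# Assumption: the target application is served over plain HTTP.
write_proxy_profile() {
    dir="$1"; host="$2"; port="$3"
    case "$port" in ''|*[!0-9]*) echo "bad port: $port" >&2; return 2;; esac
    mkdir -p "$dir" || return 1
    cat > "$dir/user.js" <<EOF
// Constructed for training the scanner; delete the profile when done.
user_pref("network.proxy.type", 1);
user_pref("network.proxy.http", "$host");
user_pref("network.proxy.http_port", $port);
EOF
}

# Succeeds only if something accepts TCP connections on host:port.
proxy_listening() {
    if command -v nc >/dev/null 2>&1; then
        nc -z -w 2 "$1" "$2" >/dev/null 2>&1
    else
        return 3   # no probe tool available on this machine
    fi
}

# Run as: sh train-profile.sh launch   (after the scan has been started)
if [ "${1:-}" = "launch" ]; then
    proxy_listening "$PROXY_HOST" "$PROXY_PORT" || {
        echo "nothing reachable on $PROXY_HOST:$PROXY_PORT; start the scan with the Proxy plugin first" >&2
        exit 1
    }
    profile=$(mktemp -d) || exit 1
    write_proxy_profile "$profile" "$PROXY_HOST" "$PROXY_PORT" || exit 1
    firefox -profile "$profile" -new-instance
fi
```

The listening check fails before Firefox opens, which separates "the proxy is not up" from "the browser is misconfigured" when every page returns a connection error.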

  9. Tasos Laskos closed this discussion on 26 Feb, 2013 06:21 PM.
