Unable to scan Rest Services
Hi,
I have a REST API which is vulnerable to SQL injection; I have
tried arachni proxy but I get nothing in the file containing the
input vectors, I have also tried the new Arachni's Rest service but
I still have no issues. Here is what I use to start a new scan
:
{ "url" : "My uri", "http" : { "user_agent" : "Arachni/v2.0dev", "request_timeout" : 10000, "request_redirect_limit" : 5, "request_concurrency" : 20, "request_queue_size" : 100, "request_headers" : {}, "response_max_size" : 500000, "cookies" : {} }, "session" : {}, "checks" : ["sql_injection"], "platforms" : [], "plugins" : {}, "no_fingerprinting" : false, "authorized_by" : null }
Did I miss something when starting a new scan ? Can you explain further how to scan correctly Rest services?
Thanks :)
Comments are currently closed for this discussion. You can start a new one.
Keyboard shortcuts
Generic
? | Show this help |
---|---|
ESC | Blurs the current field |
Comment Form
r | Focus the comment reply box |
---|---|
^ + ↩ | Submit the comment |
You can use Command ⌘
instead of Control ^
on Mac
Support Staff 1 Posted by Tasos Laskos on 22 Dec, 2015 12:12 AM
Hello, can you show me the configuration for when you've enabled the proxy?
Support Staff 2 Posted by Tasos Laskos on 24 Feb, 2016 12:30 PM
I'm closing this due to lack of feedback, if the latest version is still giving you trouble feel free to reopen this discussion.
Cheers
Tasos Laskos closed this discussion on 24 Feb, 2016 12:30 PM.