Original input data

John

11 Aug, 2016 06:49 PM

Hello, Arachni found "Blind SQL Injection (differential analysis) in Cookie input 'PHPSESSID'"

GET /forum/login.php?redirect=posting.php%3Fmode%3Dquote&p=68922496 HTTP/1.1
Accept-Encoding: gzip, deflate
User-Agent: Safari
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.8,he;q=0.6
X-Arachni-Scan-Seed: 2706a4dc12a94e4aae0d06641c701d47
Cookie: PHPSESSID=-1839+or+1%3D2;flags=c1

Is there any option in Arachni so I can see the original PHPSESSID data?

Thanks

  1. Support Staff 1 Posted by Tasos Laskos on 13 Aug, 2016 07:43 AM

    You can generate a report in JSON, it'll show you the original inputs of that vector.
    This looks like an FP though, any chance I can access the site to reproduce and fix it?

  2. 2 Posted by John on 14 Aug, 2016 11:53 AM

    Arachni often finds SQLi in a cookie parameter which doesn't exist; it often happens with torrent websites. I don't have access to the website's host, so the most I'm able to do to help you fix this issue is to give you the website address; I will send it to you by email.

  3. Support Staff 3 Posted by Tasos Laskos on 24 Aug, 2016 12:17 PM

    To sum up the private discussion:

    1. Couldn't reproduce due to lack of permission to perform an identical scan.
    2. The cookie must have been seen at some point but since the system can't tell where and when it's used, it audits it for all pages.
  4. Tasos Laskos closed this discussion on 24 Aug, 2016 12:17 PM.
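
The JSON report mentioned in the first reply can be read with a short script that pairs each input's original value with the value the scanner submitted. This is an added example, not part of the original thread or Arachni's own code; the key names (`issues`, `vector`, `inputs`, `default_inputs`, `affected_input_name`) are assumptions about the Arachni 1.x JSON report layout, and the sample report, host name and original cookie value are constructed.

```ruby
require 'json'

# Constructed sample mimicking one issue from an Arachni JSON report.
# Key names are assumed from Arachni 1.x reports; the original cookie
# value and the host name are placeholders, not data from the thread.
SAMPLE_REPORT = <<~JSON
  {
    "issues": [
      {
        "name": "Blind SQL Injection (differential analysis)",
        "vector": {
          "type": "cookie",
          "url": "http://example.test/forum/login.php",
          "affected_input_name": "PHPSESSID",
          "inputs": { "PHPSESSID": "-1839 or 1=2", "flags": "c1" },
          "default_inputs": { "PHPSESSID": "ORIGINAL-SESSION-ID-PLACEHOLDER", "flags": "c1" }
        }
      }
    ]
  }
JSON

# Returns one hash per issue, pairing every input's original value with the
# value the scanner submitted and flagging the inputs that were mutated.
def original_inputs(report_json)
  JSON.parse(report_json).fetch('issues', []).map do |issue|
    vector   = issue.fetch('vector', {})
    original = vector['default_inputs'] || {}
    audited  = vector['inputs'] || {}
    rows = (original.keys | audited.keys).map do |name|
      { name: name, original: original[name], audited: audited[name],
        mutated: original[name] != audited[name] }
    end
    { issue: issue['name'], type: vector['type'], url: vector['url'],
      affected: vector['affected_input_name'], inputs: rows }
  end
end

if __FILE__ == $PROGRAM_NAME
  # Pass the path of a JSON report as the first argument, or run the sample.
  path = ARGV[0]
  source = path && File.file?(path) ? File.read(path) : SAMPLE_REPORT
  original_inputs(source).each do |f|
    puts "#{f[:issue]} [#{f[:type]} '#{f[:affected]}'] #{f[:url]}"
    f[:inputs].each do |r|
      puts " #{r[:mutated] ? '*' : ' '} #{r[:name]}: original=#{r[:original].inspect} audited=#{r[:audited].inspect}"
    end
  end
end
```
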
