WebUI - Application Authentication
Hi
I am feeling really dumb because I can't seem to figure out how to
train Arachni to log into an application >.<
Ideally I would like to see the results in the WebUI for easier
report generation.
So far I followed the instructions in "Service Scanning" and
captured a vector.yml but it does not appear as though it is
actually logging in.
Also tried a few things including the autologin, login_script
plugins as well as the proxy plugin but again I'm unsure about how
to capture/train and replay those.
At one point I found instructions which said to:
- Log into WebUI - Configure/run Proxy - Capture login (start/stop
recording)
But I haven't been able to find that either :(
Service Scanning KB Article.
http://support.arachni-scanner.com/kb/general-use/service-scanning
Comments are currently closed for this discussion. You can start a new one.
Keyboard shortcuts
Generic
? | Show this help |
---|---|
ESC | Blurs the current field |
Comment Form
r | Focus the comment reply box |
---|---|
^ + ↩ | Submit the comment |
You can use Command ⌘
instead of Control ^
on Mac
Support Staff 1 Posted by Tasos Laskos on 03 Feb, 2017 09:38 AM
You don't need to capture or replay the autologin or login_script plugins, you just need to configure them again for every scan.
You can then import the report to the WebUI with
arachni_web_scan_import
.2 Posted by pipnflinx on 03 Feb, 2017 04:41 PM
Thanks Tasos,
I hadn't quite gotten around to playing with the 'arachni_web_scan_import' tool yet.
My bigger issue though seems to be getting the login functionality to work.
For the sake of clarity:
I was able to setup the 'proxy' and watched the authentication in the Arachni output. However, getting that traffic into the scanner was unclear. Is there an '--export' switch that I am not seeing?
A list of tools and their associated options would go a long way in helping me to figure this out! :D
In terms of the 'autologin' and 'login_script' tools, the KB articles were pretty good about explaining their usage, but the sample code (after tailoring values) did not appear to work for me. I did also try samples that other users had posted with no luck.
Generally speaking I am familiar enough with Ruby and JS to read and modify code but cannot necessarily code something from scratch.
Support Staff 3 Posted by Tasos Laskos on 04 Feb, 2017 01:21 PM
You can't export proxy traffic in order to replay it later, the most reliable way to login and maintain a valid session is by using the
autologin
orlogin_script
plugins.Which is best for your case depends on the web application and without access to it I won't be able to help.
The
autologin
one is the simplest, if the form is visible in the provided URL it'll fill in the form and submit it.The
login_script
is the most flexible, you use it to interact with the web application interface; the how depends on each web application.I'm afraid that I don't have anything to add that isn't in the KB articles.
As for a list of all utilities, you can find it at the Wiki, to see their options call them with the
-h
flag.4 Posted by pipnflinx on 05 Feb, 2017 12:13 AM
Thank you for the inputs.
I will give it another shot.
pipnflinx closed this discussion on 05 Feb, 2017 12:13 AM.