How to pass cookies file to REST API
Hi,
I am new to arachni,
how to pass cookies file to REST API to maintain login
session
following :- https://github.com/Arachni/arachni/wiki/REST-API#example-client
Comments are currently closed for this discussion. You can start a new one.
Keyboard shortcuts
Generic
? | Show this help |
---|---|
ESC | Blurs the current field |
Comment Form
r | Focus the comment reply box |
---|---|
^ + ↩ | Submit the comment |
You can use Command ⌘
instead of Control ^
on Mac
Support Staff 1 Posted by Tasos Laskos on 22 Feb, 2017 01:50 PM
Hello,
It's better to use either the
login_script
ofautologin
plugins and don't forget to exclude logout URLs and such.For example:
2 Posted by khalidh on 23 Feb, 2017 08:50 AM
I have a cookies.txt and cookies.jar(Netscape), i have to pass the cookies to maintain valid session.
In login_script we have to pass username and password. I have pass cookies file only, how to achieve ?
Support Staff 3 Posted by Tasos Laskos on 23 Feb, 2017 10:41 AM
You can use the following option:
Passing cookies will not maintain the session, i.e., if you get logged out the scanner won't be able to relogin.
4 Posted by khalidh on 23 Feb, 2017 11:22 AM
I added code in https://github.com/Arachni/arachni/wiki/REST-API#example-client in the ID like this
Changed to
Tried different types of code, but it will not work.
Support Staff 5 Posted by Tasos Laskos on 24 Feb, 2017 11:17 AM
My example was in JSON, you need this:
Also, I don't see you excluding logout resources, which means you'll probably get immediately logged out.
You can do it like so:
6 Posted by khalidh on 25 Feb, 2017 06:53 AM
Hi I tried but it wont work for me,
andYour code give error " arachnitest.rb:73: syntax error, unexpected tIDENTIFIER, expecting '}' ...avfmbypmxfnbw22fr55; Path='http://testfire.net'"
I tried different ways, but no luck,
Please check my attached script
7 Posted by khalidh on 27 Feb, 2017 12:39 PM
I have tried different code samples for cookies_string but no luck,Please help.
Support Staff 8 Posted by Tasos Laskos on 27 Feb, 2017 12:58 PM
You're not loading any checks and there's no 'inf' value for the
page_limit
option, you don't need to specify it at all.I'm sick at the moment but I'll take a closer look when I feel better.
Tasos Laskos closed this discussion on 10 Mar, 2017 01:46 PM.