Home → Questions →

When Arachni CLI finishes, the previous logging information disappears

• Edit

Zukky

16 May, 2017 04:25 PM

Hi,

When I run Arachni CLI, the output I get is this:

================================================================================


 [+] Web Application Security Report - Arachni Framework

 [~] Report generated on: 2017-05-16 16:20:22 +0000
 [~] Report false positives at: http://github.com/Arachni/arachni/issues

 [+] System settings:
 [~] ---------------
 [~] Version:           1.5.1
 [~] Seed:              657943d87b2b8b9a10a43a45c821fac3
 [~] Audit started on:  2017-05-16 16:20:17 +0000
 [~] Audit finished on: 2017-05-16 16:20:22 +0000
 [~] Runtime:           00:00:05

 [~] URL:        http://app:8081/
 [~] User agent: Arachni/v1.5.1

 [*] Audited elements:
 [~] * Links
 [~] * Forms
 [~] * Cookies
 [~] * XMLs
 [~] * JSONs
 [~] * UI inputs
 [~] * UI forms

 [*] Checks: code_injection, code_injection_php_input_wrapper, code_injection_timing, csrf, file_inclusion, ldap_injection, no_sql_injection, no_sql_injection_differential, os_cmd_injection, os_cmd_injection_timing, path_traversal, response_splitting, rfi, session_fixation, source_code_disclosure, sql_injection, sql_injection_differential, sql_injection_timing, trainer, unvalidated_redirect, unvalidated_redirect_dom, xpath_injection, xss, xss_dom, xss_dom_script_context, xss_event, xss_path, xss_script_context, xss_tag, xxe, allowed_methods, backdoors, backup_directories, backup_files, captcha, common_admin_interfaces, common_directories, common_files, cookie_set_for_parent_domain, credit_card, cvs_svn_users, directory_listing, emails, form_upload, hsts, htaccess_limit, html_objects, http_only_cookies, http_put, insecure_client_access_policy, insecure_cookies, insecure_cors_policy, insecure_cross_domain_policy_access, insecure_cross_domain_policy_headers, interesting_responses, localstart_asp, mixed_resource, origin_spoof_access_restriction_bypass, password_autocomplete, private_ip, ssn, unencrypted_password_forms, webdav, x_frame_options, xst

 [~] ===========================

 [+] 0 issues were detected.


 [~] Report saved at: /arachni/app 2017-05-16 16_20_22 +0000.afr [0.0MB]
 [~] The scan has logged errors: /arachni/bin/../system/logs/framework/error-199.log

 [~] Audited 0 page snapshots.

 [~] Duration: 00:00:05
 [~] Processed 12/12 HTTP requests.
 [~] -- 30.047 requests/second.
 [~] Processed 0/0 browser jobs.
 [~] -- 0.0 second/job.

 [~] Burst response time sum     0.0 seconds
 [~] Burst response count        2
 [~] Burst average response time 0.0 seconds
 [~] Burst average               3.36 requests/second
 [~] Timed-out requests          0
 [~] Original max concurrency    20
 [~] Throttled max concurrency   20"

However, the previous logging information simply disappears? This stuff:

"Arachni - Web Application Security Scanner Framework v1.5.1
   Author: Tasos "Zapotek" Laskos <[email blocked]>

           (With the support of the community and the Arachni Team.)

   Website:       http://arachni-scanner.com
   Documentation: http://arachni-scanner.com/wiki


[~] No checks were specified, loading all.
[~] No element audit options were specified, will audit links, forms, cookies, UI inputs, UI forms, JSONs and XMLs.

[*] Initializing...
[*] Preparing plugins...
[*] ... done.
[*] BrowserCluster: Initializing 6 browsers...
[*] BrowserCluster: Spawned #1 with PID 7476 [lifeline at PID 15064].
[*] BrowserCluster: Spawned #2 with PID 15332 [lifeline at PID 17436].
[*] BrowserCluster: Spawned #3 with PID 15208 [lifeline at PID 17224].
[*] BrowserCluster: Spawned #4 with PID 16432 [lifeline at PID 18084].
[*] BrowserCluster: Spawned #5 with PID 8432 [lifeline at PID 584].
[*] BrowserCluster: Spawned #6 with PID 17668 [lifeline at PID 16380].
[*] BrowserCluster: Initialization completed with 6 browsers in the pool.

[*] [HTTP: 404] https://enquiry-submitter-energy.test.ctmers.io/
[~] Analysis resulted in 0 usable paths.
[~] DOM depth: 0 (Limit: 5)
[*] XSS in path: Checking for: https://enquiry-submitter-energy.test.ctmers.io/<my_tag_6a67d3d05474ea4a0995b7cc8d87c102/>
[*] XSS in path: Checking for: https://enquiry-submitter-energy.test.ctmers.io/>"'><my_tag_6a67d3d05474ea4a0995b7cc8d87c102/>
[*] XSS in path: Checking for: https://enquiry-submitter-energy.test.ctmers.io/
[*] XSS in path: Checking for: https://enquiry-submitter-energy.test.ctmers.io/
[*] XSS in path: Checking for: https://enquiry-submitter-energy.test.ctmers.io/
[*] XSS in path: Checking for: https://enquiry-submitter-energy.test.ctmers.io/
[*] Allowed methods: Checking...
[+] In server with action https://enquiry-submitter-energy.test.ctmers.io/
[*] Mixed Resource: Checking...
[*] XST: Checking...
[*] Harvesting HTTP responses...
[~] Depending on server responsiveness and network conditions this may take a while.
[*] localstart.asp: Checking: https://enquiry-submitter-energy.test.ctmers.io//localstart.asp
[+] In server with action https://enquiry-submitter-energy.test.ctmers.io/
[+] Interesting responses: Found an interesting response -- Code: 405.
"

How do I get this to always appear?

1. 1 Posted by Zukky on 16 May, 2017 04:26 PM

   

   That looks like a terrible mess, there is a divider in the middle.

   • Edit

2. Support Staff 2 Posted by Tasos Laskos on 16 May, 2017 05:54 PM

   

   It should always appear, did you run this on Windows? Also, did you abort the scan?

   • Edit

3. 3 Posted by Zukky on 17 May, 2017 03:46 PM

   

   Yes, it ran on windows. I ran this in Linux also and it outputs the same behaviour, it's odd. No I didn't abort the scan.

   • Edit

4. Support Staff 4 Posted by Tasos Laskos on 17 May, 2017 03:48 PM

   

   I'm starting to think that it's a problem with your terminal, I've never gotten any such issue.

   From what I can see it's not Arachni crashing or anything, the output is being truncated, there's a terminal control character for the color of the message status sign that's cut in the middle.

   • Edit

5. 5 Posted by Zukky on 17 May, 2017 07:40 PM

   

   Ah I see it, it seems like an ANSI escape character ESC[2j, I've ran the same arachni cli command on different terminals -> Git Bash, Powershell, Cmd, Bash shell and all are outputting the same behaviour, any idea what might be causing this? I've changed different settings on the terminals to no avail. I have to "> arachni_log.txt" to see the full output cause of the truncation?

   • Edit

6. Support Staff 6 Posted by Tasos Laskos on 18 May, 2017 01:04 PM

   

   When you run it on Linux, it doesn't by any chance say "Killed" at the end, does it?
   Could the OS be killing the process because it's using too much RAM?

   • Edit

7. 7 Posted by Zukky on 18 May, 2017 07:27 PM

   

   Hi Tasos,

   No, it doesn't. It says nothing at the end, just has the escape character [2j, I have tried numerous attempts, I haven't an idea why it is doing it..

   • Edit

8. Support Staff 8 Posted by Tasos Laskos on 19 May, 2017 01:11 PM

   

   The most important question I forgot to ask is, is the scan process still alive after the output stops?
   Also, does dmesg say anything interesting about the process at that time?

   • Edit

9. 9 Posted by Zukky on 19 May, 2017 02:20 PM

   

   No, the scan process is stopped, as the final output is the Arachni report and the control via the cmd line comes back to me (user). dmesg isn't showing anything out of the ordinary.

   • Edit

10. Support Staff 10 Posted by Tasos Laskos on 19 May, 2017 02:27 PM

    

    At the end of the scan the screen is cleared and the report is printed, the status messages will be there but in a page higher than your terminal would currently display.
    Is that what we're talking about?

    Also, can you please show me the configuration you're using? Are you setting any --output options?

    • Edit

11. 11 Posted by Zukky on 19 May, 2017 03:29 PM

    

    Exact CLI command from the other thread ->

    bin/arachni --profile-load-filepath ./security_scanner/Security_Profile.afp --scope-include-subdomains --scope-extend-paths ./security_scanner/spider_these_urls.txt --report-save-path=arachni_report.afr http://app:8081/ | tee arachni_log.txt

    I've recorded the terminal to show you what i'm seeing: https://www.youtube.com/watch?v=gAkEioi9qMI&feature=youtu.be

    At 2:10, you'll see i'm unable to not scroll to the above log, it's only showing the report. Would any --output arguments help in this case?

    • Edit

12. Support Staff 12 Posted by Tasos Laskos on 19 May, 2017 03:33 PM

    

    The video is unavailable, can you try configuring your terminal to allow unlimited scrollback please?

    • Edit

13. 13 Posted by Zukky on 19 May, 2017 03:35 PM

    

    Try the link now,

    I have enabled maximum scroll lines, which is much more than the report.

    • Edit

14. Support Staff 14 Posted by Tasos Laskos on 19 May, 2017 03:43 PM

    

    I don't know what's going on, are you intercepting its output somehow or maybe docker?
    I'm pretty sure that if you run Arachni on its own in any terminal it'll work as expected.

    • Edit

15. Tasos Laskos closed this discussion on 11 Jun, 2017 10:39 AM.