--scope-extend-paths - not sure if it is working?

Zukky's Avatar

Zukky

18 May, 2017 07:31 PM

Hi,

I am using Arachni CLI, I am using the following command:

"bin/arachni --scope-include-subdomains --scope-extend-paths ./ctm_security_scanner/spider_these_urls.txt --profile-load-filepath ./security_scanner/Security_Profile.afp --report-save-path=arachni_report.afr https://enquiry-submitter.test.io | tee arachni_log.txt"

The "--scope-extend-paths" I have added points to "spider_these_urls.txt" which contains:

http://app:8081/private/ping
http://app:8081/health
http://app:8081/swagger
http://spiderme.com/yeah

However, in the log output it shows all of the directories that it spiders through but not the above 4, where does it show that this is actually spidering into those urls?

  1. Support Staff 1 Posted by Tasos Laskos on 19 May, 2017 01:06 PM

    Tasos Laskos's Avatar

    Try setting --profile-load-filepath first because right now the profile is overriding the other options.

  2. 2 Posted by Zukky on 19 May, 2017 02:06 PM

    Zukky's Avatar

    Ok, I moved "--profile-load-filepath" to the start, it now looks like such:

    "bin/arachni --profile-load-filepath ./ctm_security_scanner/Security_Profile.afp --scope-include-subdomains --scope-extend-paths ./security_scanner/spider_these_urls.txt --report-save-path=arachni_report.afr https://enquiry-submitter.test.io/health | tee arachni_log.txt"

    When I traverse through the arachni_log.txt I cannot find anywhere where it tells me that it has loaded in the urls from spider_these_urls.txt?

  3. Support Staff 3 Posted by Tasos Laskos on 19 May, 2017 02:11 PM

    Tasos Laskos's Avatar

    It won't say that explicitly, it'll just include them in the scan, you should see them in the resulting sitemap at the end of the scan.

  4. Support Staff 4 Posted by Tasos Laskos on 19 May, 2017 02:12 PM

    Tasos Laskos's Avatar

    By the way, I see that the target and the paths in the file are in different domains, if that's indeed the case then the file paths won't be followed. You can't cross domains, only subdomains.

  5. 5 Posted by Zukky on 19 May, 2017 02:26 PM

    Zukky's Avatar

    I was unaware of the domains, I removed the domains that changed and only included subdomains, I also ensured to use the same domain url. Changing the order has also helped. It is all working and I can see the traversed subdomains that were scanned (read from the spider_these_urls.txt) in the Arachni report at the end. Thank you Tasos, your help has been incredible over the past few days of questions i've been throwing across. Keep being you. Zukky

  6. Support Staff 6 Posted by Tasos Laskos on 19 May, 2017 02:28 PM

    Tasos Laskos's Avatar

    Haha no worries.

  7. Tasos Laskos closed this discussion on 19 May, 2017 02:28 PM.

Comments are currently closed for this discussion. You can start a new one.

Keyboard shortcuts

Generic

? Show this help
ESC Blurs the current field

Comment Form

r Focus the comment reply box
^ + ↩ Submit the comment

You can use Command ⌘ instead of Control ^ on Mac