Why the need for HTTP://
When scanning a web app arachni enforces that you use http://www.site.com as the URL of the app being scanned. Wouldn´t be better if the user didnt specify the protocol that arachni would imply it is http? So that we can use something like this:
arachni site.com
instead of
arachni http://www.site.com
Now it will throw an exception:
url=': Invalid URL argument.
(Arachni::Exceptions::InvalidURL) from
.rvm/gems/ruby-1.9.3-p194/gems/arachni-0.4.1dev/lib/arachni/options.rb:1076:in
parse'
from
.rvm/gems/ruby-1.9.3-p194/gems/arachni-0.4.1dev/lib/arachni/options.rb:1304:in
method_missing' from
.rvm/gems/ruby-1.9.3-p194/gems/arachni-0.4.1dev/bin/arachni:20:in
'
from .rvm/gems/ruby-1.9.3-p194/bin/arachni:23:in load' from
.rvm/gems/ruby-1.9.3-p194/bin/arachni:23:in
'
by the way I'm running version v0.4.1dev, not sure if this has been already addressed on newer versions.
Comments are currently closed for this discussion. You can start a new one.
Keyboard shortcuts
Generic
? | Show this help |
---|---|
ESC | Blurs the current field |
Comment Form
r | Focus the comment reply box |
---|---|
^ + ↩ | Submit the comment |
You can use Command ⌘
instead of Control ^
on Mac
Support Staff 1 Posted by Tasos Laskos on 12 Mar, 2013 06:32 PM
That URL serves as a reference point for every sort of path manipulation henceforth and I don't want users to think that Arachni will try to guess what protocol to use (HTTP/HTTPS) automatically (especially when using it in conjunction with the newer
--https-only
option).I feel more comfortable having the user explicitly specify the protocol he wants.
Tasos Laskos closed this discussion on 12 Mar, 2013 06:32 PM.