Why the need for HTTP://
When scanning a web app arachni enforces that you use http://www.site.com as the URL of the app being scanned. Wouldn´t be better if the user didnt specify the protocol that arachni would imply it is http? So that we can use something like this:
arachni site.com
instead of
arachni http://www.site.com
Now it will throw an exception:
url=': Invalid URL argument.
(Arachni::Exceptions::InvalidURL) from
.rvm/gems/ruby-1.9.3-p194/gems/arachni-0.4.1dev/lib/arachni/options.rb:1076:inparse'
from
.rvm/gems/ruby-1.9.3-p194/gems/arachni-0.4.1dev/lib/arachni/options.rb:1304:in
method_missing' from
.rvm/gems/ruby-1.9.3-p194/gems/arachni-0.4.1dev/bin/arachni:20:in'
from .rvm/gems/ruby-1.9.3-p194/bin/arachni:23:in load' from
.rvm/gems/ruby-1.9.3-p194/bin/arachni:23:in'
by the way I'm running version v0.4.1dev, not sure if this has been already addressed on newer versions.
Comments are currently closed for this discussion. You can start a new one.
Keyboard shortcuts
Generic
| ? | Show this help |
|---|---|
| ESC | Blurs the current field |
Comment Form
| r | Focus the comment reply box |
|---|---|
| ^ + ↩ | Submit the comment |
You can use Command ⌘ instead of Control ^ on Mac
Support Staff 1 Posted by Tasos Laskos on 12 Mar, 2013 06:32 PM
That URL serves as a reference point for every sort of path manipulation henceforth and I don't want users to think that Arachni will try to guess what protocol to use (HTTP/HTTPS) automatically (especially when using it in conjunction with the newer
--https-onlyoption).I feel more comfortable having the user explicitly specify the protocol he wants.
Tasos Laskos closed this discussion on 12 Mar, 2013 06:32 PM.