Use cookie_jar to do authenticated scan

Yanjin's Avatar

Yanjin

05 Nov, 2012 05:08 PM

Dear Tasos,

I would like to do a authenticated scan using arachni, that is scan a web application that requires login. The login form is submitted by javascript so autologin can't help here. Plus I still have problem while using arachni proxy to handle this situation. So I turn to cookie jar for help.

I'm trying to use arachni rpc api to set option "cookie_jar" in order to do authenticated scan. I'm using "mechanize" to collect cookies. Can I pass all the cookies I collected to arachni? Or only one cookie? If only one cookie is accepted, which cookie should I pass to arachni server? The session id?

Thanks in advance.

Best,
Yanjin

  1. Support Staff 1 Posted by Tasos Laskos on 05 Nov, 2012 05:19 PM

    Tasos Laskos's Avatar
  2. Tasos Laskos closed this discussion on 05 Nov, 2012 05:19 PM.

Comments are currently closed for this discussion. You can start a new one.

Keyboard shortcuts

Generic

? Show this help
ESC Blurs the current field

Comment Form

r Focus the comment reply box
^ + ↩ Submit the comment

You can use Command ⌘ instead of Control ^ on Mac