search

Arachni / arachni

Web Application Security Scanner Framework
http://www.arachni-scanner.com
Other
3.76k stars 762 forks source link

There is an error when I scan this site ( Then shows me sorry ~~ on web) #1014

Open ktjd123 opened 5 years ago

ktjd123 commented 5 years ago 
2018-10-17 11:13:21 +0900 --------------------------------------------------------------------------------
ENV:
---
CPLUS_INCLUDE_PATH: "/Users/peter/Downloads/arachni-1.5.1-0.5.12/bin/../system/usr/include"
TERM_PROGRAM: iTerm.app
DYLD_FALLBACK_LIBRARY_PATH: "/Users/peter/Downloads/arachni-1.5.1-0.5.12/bin/../system/usr/lib:/usr/lib:/usr/local/lib"
GEM_HOME: "/Users/peter/Downloads/arachni-1.5.1-0.5.12/system/gems"
TERM: xterm-256color
SHELL: "/usr/local/bin/fish"
OMF_CONFIG: "/Users/peter/.config/omf"
IRBRC: "/Users/peter/Downloads/arachni-1.5.1-0.5.12/bin/../system/usr/lib/ruby/.irbrc"
TMPDIR: "/var/folders/q2/646jqbb119b85hg_1z34ts7c0000gn/T/"
LIBRARY_PATH: "/Users/peter/Downloads/arachni-1.5.1-0.5.12/bin/../system/usr/lib:/usr/lib:/usr/local/lib"
Apple_PubSub_Socket_Render: "/private/tmp/com.apple.launchd.rMa234WJ4z/Render"
TERM_PROGRAM_VERSION: 3.2.3
MY_RUBY_HOME: "/Users/peter/Downloads/arachni-1.5.1-0.5.12/bin/../system/usr/lib/ruby"
TERM_SESSION_ID: w0t0p0:21B76D1A-0114-4229-BE2B-BA160C6F0207
USER: peter
LD_LIBRARY_PATH: "/Users/peter/Downloads/arachni-1.5.1-0.5.12/bin/../system/usr/lib:/usr/lib:/usr/local/lib"
SSH_AUTH_SOCK: "/private/tmp/com.apple.launchd.FsRJrkk4eC/Listeners"
__CF_USER_TEXT_ENCODING: 0x1F5:0x3:0x33
FONTCONFIG_PATH: "/Users/peter/Downloads/arachni-1.5.1-0.5.12/bin/../system/home/arachni/.fonts"
PATH: "/Users/peter/Downloads/arachni-1.5.1-0.5.12/system/gems/bin:/Users/peter/Downloads/arachni-1.5.1-0.5.12/bin/../system/../bin:/Users/peter/Downloads/arachni-1.5.1-0.5.12/bin/../system/usr/bin:/Users/peter/Downloads/arachni-1.5.1-0.5.12/bin/../system/gems/bin:/opt/metasploit-framework/bin:/Users/peter/.yarn/bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/opt/X11/bin:/Applications/VMware
  Fusion.app/Contents/Public:/usr/local/share/dotnet:/usr/local/go/bin:/Library/Frameworks/Mono.framework/Versions/Current/Commands:/Applications/Wireshark.app/Contents/MacOS"
C_INCLUDE_PATH: "/Users/peter/Downloads/arachni-1.5.1-0.5.12/bin/../system/usr/include"
PWD: "/Users/peter/Downloads/arachni-1.5.1-0.5.12/bin"
ARACHNI_WEBUI_LOGDIR: "/Users/peter/Downloads/arachni-1.5.1-0.5.12/bin/../system/logs/webui"
ITERM_PROFILE: Default
ARACHNI_FRAMEWORK_LOGDIR: "/Users/peter/Downloads/arachni-1.5.1-0.5.12/bin/../system/logs/framework"
XPC_FLAGS: '0x0'
XPC_SERVICE_NAME: '0'
SHLVL: '1'
HOME: "/Users/peter/Downloads/arachni-1.5.1-0.5.12/bin/../system/home/arachni"
COLORFGBG: 15;0
RAILS_ENV: production
OMF_PATH: "/Users/peter/.local/share/omf"
ITERM_SESSION_ID: w0t0p0:21B76D1A-0114-4229-BE2B-BA160C6F0207
LOGNAME: peter
GEM_PATH: "/Users/peter/Downloads/arachni-1.5.1-0.5.12/bin/../system/gems"
LC_CTYPE: UTF-8
RUBYLIB: "/Users/peter/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/bundler-1.14.6/lib:/Users/peter/Downloads/arachni-1.5.1-0.5.12/bin/../system/usr/lib/ruby:/Users/peter/Downloads/arachni-1.5.1-0.5.12/bin/../system/usr/lib/ruby/site_ruby/2.2.0:/Users/peter/Downloads/arachni-1.5.1-0.5.12/bin/../system/usr/lib/ruby/2.2.0:/Users/peter/Downloads/arachni-1.5.1-0.5.12/bin/../system/usr/lib/ruby/2.2.0/x86_64-darwin13:/Users/peter/Downloads/arachni-1.5.1-0.5.12/bin/../system/usr/lib/ruby/site_ruby/2.2.0/x86_64-darwin13"
RUBY_VERSION: ruby-2.2.3
COLORTERM: truecolor
RACK_ENV: development
BUNDLE_GEMFILE: "/Users/peter/Downloads/arachni-1.5.1-0.5.12/system/arachni-ui-web/Gemfile"
BUNDLER_ORIG_PATH: "/Users/peter/Downloads/arachni-1.5.1-0.5.12/bin/../system/../bin:/Users/peter/Downloads/arachni-1.5.1-0.5.12/bin/../system/usr/bin:/Users/peter/Downloads/arachni-1.5.1-0.5.12/bin/../system/gems/bin:/opt/metasploit-framework/bin:/Users/peter/.yarn/bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/opt/X11/bin:/Applications/VMware
  Fusion.app/Contents/Public:/usr/local/share/dotnet:/usr/local/go/bin:/Library/Frameworks/Mono.framework/Versions/Current/Commands:/Applications/Wireshark.app/Contents/MacOS"
BUNDLER_ORIG_GEM_PATH: "/Users/peter/Downloads/arachni-1.5.1-0.5.12/bin/../system/gems"
BUNDLE_BIN_PATH: "/Users/peter/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/bundler-1.14.6/exe/bundle"
BUNDLER_VERSION: 1.14.6
RUBYOPT: "-rbundler/setup"
MANPATH: "/Users/peter/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/kramdown-1.4.1/man"
BUNDLER_ORIG_MANPATH: "/Users/peter/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/kramdown-1.4.1/man"
--------------------------------------------------------------------------------
OPTIONS:
---
datastore:
  token: 43c92cae4961d42f675ea0283508d7f0
scope:
  redundant_path_patterns: {}
  dom_depth_limit: 5
  exclude_file_extensions:
  - "[]"
  exclude_path_patterns: []
  exclude_content_patterns: []
  include_path_patterns: []
  restrict_paths: []
  extend_paths: []
  url_rewrites: {}
http:
  user_agent: Arachni/v1.5.1
  request_timeout: 10000
  request_redirect_limit: 5
  request_concurrency: 20
  request_queue_size: 100
  request_headers: {}
  response_max_size: 500000
  cookies: {}
  authentication_type: auto
input:
  values:
    name: arachni_name
    user: arachni_user
    usr: arachni_user
    pass: 5543!%arachni_secret
    txt: arachni_text
    num: '132'
    amount: '100'
    mail: arachni@email.gr
    account: '12'
    id: '1'
  default_values:
    name: arachni_name
    user: arachni_user
    usr: arachni_user
    pass: 5543!%arachni_secret
    txt: arachni_text
    num: '132'
    amount: '100'
    mail: arachni@email.gr
    account: '12'
    id: '1'
  without_defaults: true
  force: false
browser_cluster:
  local_storage: {}
  wait_for_elements: {}
  pool_size: 6
  job_timeout: 10
  worker_time_to_live: 100
  ignore_images: false
  screen_width: 1600
  screen_height: 1200
session: {}
audit:
  parameter_values: true
  exclude_vector_patterns: []
  include_vector_patterns: []
  link_templates: []
  links: true
  forms: true
  cookies: true
  jsons: true
  xmls: true
  ui_forms: true
  ui_inputs: true
checks:
- allowed_methods
- backdoors
- backup_directories
- backup_files
- captcha
- code_injection
- code_injection_php_input_wrapper
- code_injection_timing
- common_admin_interfaces
- common_directories
- common_files
- cookie_set_for_parent_domain
- credit_card
- csrf
- cvs_svn_users
- directory_listing
- emails
- file_inclusion
- form_upload
- hsts
- htaccess_limit
- html_objects
- http_only_cookies
- http_put
- insecure_client_access_policy
- insecure_cookies
- insecure_cors_policy
- insecure_cross_domain_policy_access
- insecure_cross_domain_policy_headers
- interesting_responses
- ldap_injection
- localstart_asp
- mixed_resource
- no_sql_injection
- no_sql_injection_differential
- origin_spoof_access_restriction_bypass
- os_cmd_injection
- os_cmd_injection_timing
- password_autocomplete
- path_traversal
- private_ip
- response_splitting
- rfi
- session_fixation
- source_code_disclosure
- sql_injection
- sql_injection_differential
- sql_injection_timing
- ssn
- trainer
- unencrypted_password_forms
- unvalidated_redirect
- unvalidated_redirect_dom
- webdav
- x_frame_options
- xpath_injection
- xss
- xss_dom
- xss_dom_script_context
- xss_event
- xss_path
- xss_script_context
- xss_tag
- xst
- xxe
platforms: []
plugins:
  autothrottle: {}
  discovery: {}
  healthmap: {}
  timing_attacks: {}
  uniformity: {}
no_fingerprinting: false
authorized_by: 
url: ******************* ( hided for security :) )
--------------------------------------------------------------------------------
[2018-10-17 11:13:21 +0900] [Errno::EBADF] Bad file descriptor
[2018-10-17 11:13:21 +0900] /Users/peter/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/arachni-reactor-0.1.2/lib/arachni/reactor.rb:651:in `select'
[2018-10-17 11:13:21 +0900] /Users/peter/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/arachni-reactor-0.1.2/lib/arachni/reactor.rb:651:in `block in select_connections'
[2018-10-17 11:13:21 +0900] /Users/peter/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/arachni-reactor-0.1.2/lib/arachni/reactor/connection/error.rb:26:in `call'
[2018-10-17 11:13:21 +0900] /Users/peter/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/arachni-reactor-0.1.2/lib/arachni/reactor/connection/error.rb:26:in `translate'
[2018-10-17 11:13:21 +0900] /Users/peter/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/arachni-reactor-0.1.2/lib/arachni/reactor.rb:650:in `select_connections'
[2018-10-17 11:13:21 +0900] /Users/peter/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/arachni-reactor-0.1.2/lib/arachni/reactor.rb:568:in `process_connections'
[2018-10-17 11:13:21 +0900] /Users/peter/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/arachni-reactor-0.1.2/lib/arachni/reactor.rb:316:in `block in run'
[2018-10-17 11:13:21 +0900] /Users/peter/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/arachni-reactor-0.1.2/lib/arachni/reactor.rb:307:in `loop'
[2018-10-17 11:13:21 +0900] /Users/peter/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/arachni-reactor-0.1.2/lib/arachni/reactor.rb:307:in `run'
[2018-10-17 11:13:21 +0900] /Users/peter/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/arachni-reactor-0.1.2/lib/arachni/reactor.rb:349:in `block in run_in_thread'
briantully commented 2 years ago

For what it's worth, it's over 3 years later and I'm having the same "Bad file descriptor" error with arachni-reactor 

[2022-01-26 15:11:39 -0500] [Errno::EBADF] Bad file descriptor
[2022-01-26 15:11:39 -0500] /Users/brian.tully/bin/arachni/system/gems/gems/arachni-reactor-0.1.2/lib/arachni/reactor.rb:651:in `select'
[2022-01-26 15:11:39 -0500] /Users/brian.tully/bin/arachni/system/gems/gems/arachni-reactor-0.1.2/lib/arachni/reactor.rb:651:in `block in select_connections'
[2022-01-26 15:11:39 -0500] /Users/brian.tully/bin/arachni/system/gems/gems/arachni-reactor-0.1.2/lib/arachni/reactor/connection/error.rb:26:in `call'
[2022-01-26 15:11:39 -0500] /Users/brian.tully/bin/arachni/system/gems/gems/arachni-reactor-0.1.2/lib/arachni/reactor/connection/error.rb:26:in `translate'
[2022-01-26 15:11:39 -0500] /Users/brian.tully/bin/arachni/system/gems/gems/arachni-reactor-0.1.2/lib/arachni/reactor.rb:650:in `select_connections'
[2022-01-26 15:11:39 -0500] /Users/brian.tully/bin/arachni/system/gems/gems/arachni-reactor-0.1.2/lib/arachni/reactor.rb:568:in `process_connections'
[2022-01-26 15:11:39 -0500] /Users/brian.tully/bin/arachni/system/gems/gems/arachni-reactor-0.1.2/lib/arachni/reactor.rb:316:in `block in run'
[2022-01-26 15:11:39 -0500] /Users/brian.tully/bin/arachni/system/gems/gems/arachni-reactor-0.1.2/lib/arachni/reactor.rb:307:in `loop'
[2022-01-26 15:11:39 -0500] /Users/brian.tully/bin/arachni/system/gems/gems/arachni-reactor-0.1.2/lib/arachni/reactor.rb:307:in `run'
[2022-01-26 15:11:39 -0500] /Users/brian.tully/bin/arachni/system/gems/gems/arachni-reactor-0.1.2/lib/arachni/reactor.rb:349:in `block in run_in_thread'
Zapotek commented 2 years ago

Hello,

Would you be open to sending me the URL in private in order to try and reproduce this?

briantully commented 2 years ago

Hello,

Would you be open to sending me the URL in private in order to try and reproduce this?

Sure, how should I send it to you? Thanks for your help! :)

Zapotek commented 2 years ago

Please send it to: tasos.laskos@arachni-scanner.com