Zapotek
commented
12 years ago Hmmm....could be done, interesting. I'll look into it.
Closed ChrisJohnRiley closed 12 years ago
Zapotek
commented
12 years ago Hmmm....could be done, interesting. I'll look into it.
Zapotek
commented
12 years ago If I do this now it'll only support HTTP proxies because it'll have to use Ruby's crappy Net::HTTP class because the Proxy plugin is based on WEBrick::HTTPProxyServer.
But I'll write my own proxy server for v0.4.1 due to #61 later on.
I could patch this up for now just to help you out if you need it asap.
ChrisJohnRiley
commented
12 years ago No need for me... I just set Burp to proxy every request received to the testbed and made Arachni scan http://127.0.0.1 instead ;) Running it through now. We seeing some other oddness with --proxy but will recheck and log another bug if it still does the same thing.
Zapotek
commented
12 years ago Another one bites the dust. :)
In testing to isolate why a page was being picked up by Arachni although it wasn't visited through the Proxy plugin, I enabled --proxy=127.0.0.1:8080 to tunnel requests through Burp, however the --plugin=proxy doesn't seem to honor this configuration.
Setup:
Browser --> Arachni (Proxy Plugin) --> --proxy (Burp)
After conclusion of the proxy plugin, the reaminder of the Arachni scan takes place through the assigned Burp proxy however.