Closed 7h3kid closed 10 years ago
Apologies, this feature is a proof-of-concept and not supported, as can be seen at the second paragraph of this file: https://github.com/Arachni/arachni/blob/master/EXPLOITATION.md#webapp-exploitation-with-arachni-and-metasploit
I should probably remove the MSF arachni plugin from the repository altogether.
Cheers
Understood sir. Is there any chance of simply allowing the ability to import arachni reports without using metatsploit to exploit them? I generally wouldn't use metasploit for web app exploitation but the metasploit database is a great way to aggregate reports from numerous tools to track vulnerabilities and remediation.
I had been using the metasploit database to pull together nmap, arachni, nessus, nexpose, and burp scans. I'm not the greatest coder by any means but I'll at least make an attempt to get this working again so you might see another question or two from me.
Thanks for arachni by the way it's one of my favorite tools.
On Thu, May 8, 2014 at 12:57 PM, Tasos Laskos notifications@github.comwrote:
Apologies, but this feature is a proof-of-concept and not supported, as can be seen at the second paragraph of this file: https://github.com/Arachni/arachni/blob/master/EXPLOITATION.md#webapp-exploitation-with-arachni-and-metasploit
I should probably remove the MSF arachni plugin from the repository altogether.
Cheers
— Reply to this email directly or view it on GitHubhttps://github.com/Arachni/arachni/issues/435#issuecomment-42575431 .
I think you should talk to the Metapsloit team about that, they might be interested in adding an importer for Arachni, they maintain their importers.
Thanks for the kind words btw.
Tasos, I've seen a similar error when loading a saved report within Arachni itself. I will do some testing with it and see if I can reproduce it for you.
That's a big problem, please do let me know as soon as you come across a scan/report that reproduces the issue.
With version 0.4.7 of arachni and metasploit v4.9.2-dev I'm getting the following error when trying to import an arachni report.
msf > load arachni [+] Added 4 Exploit modules for Arachni [+] Added 1 Auxiliary modules for Arachni [_] Successfully loaded plugin: arachni msf > arachniload report.msf [] Loading report... [*] Loaded 8 vulnerabilities.
Call stack: msf4/plugins/arachni.rb:350:in'
block in cmd_arachni_list_exploits' msf4/plugins/arachni.rb:349:in
each' msf4/plugins/arachni.rb:349:ineach_with_index' msf4/plugins/arachni.rb:349:in
cmd_arachni_list_exploits' msf4/plugins/arachni.rb:79:incmd_arachni_load' msf4/lib/rex/ui/text/dispatcher_shell.rb:427:in
run_command' msf4/lib/rex/ui/text/dispatcher_shell.rb:389:inblock in run_single' msf4/lib/rex/ui/text/dispatcher_shell.rb:383:in
each' msf4/lib/rex/ui/text/dispatcher_shell.rb:383:inrun_single' msf4/lib/rex/ui/text/shell.rb:200:in
run' ./msfconsole:148:in `