Closed d4op closed 9 years ago
Zapotek
commented
9 years ago I'm not sure, could you please upload the relevant dump file (/tmp/707ef7d6-05f4-8058-44405ca2-50fe79df.dmp) somewhere for me to inspect?
This issue isn't directly related to Arachni but rather one of its dependencies (its browser) so it's tricky.
Also, did you scan continue? In most cases the system will simply try to spawn a new browser whenever such errors occur.
Cheers
d4op
commented
9 years ago Okay here is another
2015-05-04 09:43:19 -0500 --------------------------------------------------------------------------------
ENV:
---
CPLUS_INCLUDE_PATH: "/root/arachni-1.1-0.5.7/bin/../system/usr/include"
LC_PAPER: de_DE.UTF-8
LC_ADDRESS: de_DE.UTF-8
LC_MONETARY: de_DE.UTF-8
HOSTNAME: s18204995.onlinehome-server.info
rvm_bin_path: "/usr/local/rvm/bin"
GEM_HOME: "/root/arachni-1.1-0.5.7/system/gems"
SHELL: "/bin/bash"
TERM: xterm
HISTSIZE: '1000'
SSH_CLIENT: xxxxxxxxxx 61089 22
IRBRC: "/root/arachni-1.1-0.5.7/bin/../system/usr/lib/ruby/.irbrc"
LIBRARY_PATH: "/root/arachni-1.1-0.5.7/bin/../system/usr/lib"
LC_NUMERIC: de_DE.UTF-8
MY_RUBY_HOME: "/root/arachni-1.1-0.5.7/bin/../system/usr/lib/ruby"
SSH_TTY: "/dev/pts/0"
USER: root
LD_LIBRARY_PATH: "/root/arachni-1.1-0.5.7/bin/../system/usr/lib"
LC_TELEPHONE: de_DE.UTF-8
LS_COLORS: 'rs=0:di=01;34:ln=01;36:mh=00:pi=40;33:so=01;35:do=01;35:bd=40;33;01:cd=40;33;01:or=40;31;01:mi=01;05;37;41:su=37;41:sg=30;43:ca=30;41:tw=30;42:ow=34;42:st=37;44:ex=01;32:*.tar=01;31:*.tgz=01;31:*.arj=01;31:*.taz=01;31:*.lzh=01;31:*.lzma=01;31:*.tlz=01;31:*.txz=01;31:*.zip=01;31:*.z=01;31:*.Z=01;31:*.dz=01;31:*.gz=01;31:*.lz=01;31:*.xz=01;31:*.bz2=01;31:*.tbz=01;31:*.tbz2=01;31:*.bz=01;31:*.tz=01;31:*.deb=01;31:*.rpm=01;31:*.jar=01;31:*.rar=01;31:*.ace=01;31:*.zoo=01;31:*.cpio=01;31:*.7z=01;31:*.rz=01;31:*.jpg=01;35:*.jpeg=01;35:*.gif=01;35:*.bmp=01;35:*.pbm=01;35:*.pgm=01;35:*.ppm=01;35:*.tga=01;35:*.xbm=01;35:*.xpm=01;35:*.tif=01;35:*.tiff=01;35:*.png=01;35:*.svg=01;35:*.svgz=01;35:*.mng=01;35:*.pcx=01;35:*.mov=01;35:*.mpg=01;35:*.mpeg=01;35:*.m2v=01;35:*.mkv=01;35:*.ogm=01;35:*.mp4=01;35:*.m4v=01;35:*.mp4v=01;35:*.vob=01;35:*.qt=01;35:*.nuv=01;35:*.wmv=01;35:*.asf=01;35:*.rm=01;35:*.rmvb=01;35:*.flc=01;35:*.avi=01;35:*.fli=01;35:*.flv=01;35:*.gl=01;35:*.dl=01;35:*.xcf=01;35:*.xwd=01;35:*.yuv=01;35:*.cgm=01;35:*.emf=01;35:*.axv=01;35:*.anx=01;35:*.ogv=01;35:*.ogx=01;35:*.aac=01;36:*.au=01;36:*.flac=01;36:*.mid=01;36:*.midi=01;36:*.mka=01;36:*.mp3=01;36:*.mpc=01;36:*.ogg=01;36:*.ra=01;36:*.wav=01;36:*.axa=01;36:*.oga=01;36:*.spx=01;36:*.xspf=01;36:'
_system_type: Linux
rvm_path: "/usr/local/rvm"
rvm_prefix: "/usr/local"
PATH: "/root/arachni-1.1-0.5.7/system/gems/bin:/root/arachni-1.1-0.5.7/bin/../system/../bin:/root/arachni-1.1-0.5.7/bin/../system/usr/bin:/root/arachni-1.1-0.5.7/bin/../system/gems/bin:/usr/local/rvm/gems/ruby-2.2.0/bin:/usr/local/rvm/gems/ruby-2.2.0@global/bin:/usr/local/rvm/rubies/ruby-2.2.0/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/rvm/bin:/root/bin"
MAIL: "/var/spool/mail/root"
C_INCLUDE_PATH: "/root/arachni-1.1-0.5.7/bin/../system/usr/include"
LC_IDENTIFICATION: de_DE.UTF-8
PWD: "/root/arachni-1.1-0.5.7/bin"
ARACHNI_WEBUI_LOGDIR: "/root/arachni-1.1-0.5.7/bin/../system/logs/webui"
LANG: en_US.UTF-8
LC_MEASUREMENT: de_DE.UTF-8
ARACHNI_FRAMEWORK_LOGDIR: "/root/arachni-1.1-0.5.7/bin/../system/logs/framework"
_system_arch: x86_64
_system_version: '6'
HISTCONTROL: ignoredups
rvm_version: 1.26.10 (latest)
HOME: "/root"
SHLVL: '1'
RAILS_ENV: production
DYLD_LIBRARY_PATH: "/root/arachni-1.1-0.5.7/bin/../system/usr/lib"
LOGNAME: root
CVS_RSH: ssh
SSH_CONNECTION: xxxxxxxxxx 61089 xxxxxxxxxx 22
GEM_PATH: "/root/arachni-1.1-0.5.7/bin/../system/gems"
LESSOPEN: "||/usr/bin/lesspipe.sh %s"
RUBYLIB: "/root/arachni-1.1-0.5.7/system/gems/gems/bundler-1.9.5/lib:/root/arachni-1.1-0.5.7/bin/../system/usr/lib/ruby:/root/arachni-1.1-0.5.7/bin/../system/usr/lib/ruby/site_ruby/2.2.0:/root/arachni-1.1-0.5.7/bin/../system/usr/lib/ruby/2.2.0:/root/arachni-1.1-0.5.7/bin/../system/usr/lib/ruby/2.2.0/x86_64-linux:/root/arachni-1.1-0.5.7/bin/../system/usr/lib/ruby/site_ruby/2.2.0/x86_64-linux"
LC_TIME: de_DE.UTF-8
RUBY_VERSION: ruby-2.2.2
G_BROKEN_FILENAMES: '1'
_system_name: CentOS
LC_NAME: de_DE.UTF-8
RACK_ENV: development
BUNDLE_GEMFILE: "/root/arachni-1.1-0.5.7/system/arachni-ui-web/Gemfile"
_ORIGINAL_GEM_PATH: "/root/arachni-1.1-0.5.7/bin/../system/gems"
BUNDLE_BIN_PATH: "/root/arachni-1.1-0.5.7/system/gems/gems/bundler-1.9.5/bin/bundle"
RUBYOPT: "-rbundler/setup"
MANPATH: "/root/arachni-1.1-0.5.7/system/gems/gems/kramdown-1.4.1/man"
BUNDLE_ORIG_MANPATH: "/root/arachni-1.1-0.5.7/system/gems/gems/kramdown-1.4.1/man"
--------------------------------------------------------------------------------
OPTIONS:
---
session: {}
audit:
parameter_values: true
exclude_vector_patterns: []
include_vector_patterns: []
link_templates: []
links: true
forms: true
cookies: true
jsons: true
xmls: true
input:
values:
"(?i-mx:name)": arachni_name
"(?i-mx:user)": arachni_user
"(?i-mx:usr)": arachni_user
"(?i-mx:pass)": 5543!%arachni_secret
"(?i-mx:txt)": arachni_text
"(?i-mx:num)": '132'
"(?i-mx:amount)": '100'
"(?i-mx:mail)": arachni@email.gr
"(?i-mx:account)": '12'
"(?i-mx:id)": '1'
default_values:
"(?i-mx:name)": arachni_name
"(?i-mx:user)": arachni_user
"(?i-mx:usr)": arachni_user
"(?i-mx:pass)": 5543!%arachni_secret
"(?i-mx:txt)": arachni_text
"(?i-mx:num)": '132'
"(?i-mx:amount)": '100'
"(?i-mx:mail)": arachni@email.gr
"(?i-mx:account)": '12'
"(?i-mx:id)": '1'
without_defaults: true
force: false
datastore:
token: 3f8d3a924ede8d277feb935266330de2
http:
user_agent: Arachni/v1.1
request_timeout: 10000
request_redirect_limit: 5
request_concurrency: 20
request_queue_size: 500
request_headers: {}
response_max_size: 500000
cookies: {}
browser_cluster:
pool_size: 6
job_timeout: 15
worker_time_to_live: 100
ignore_images: false
screen_width: 1600
screen_height: 1200
scope:
redundant_path_patterns: {}
dom_depth_limit: 5
exclude_path_patterns: []
exclude_content_patterns: []
include_path_patterns: []
restrict_paths: []
extend_paths: []
url_rewrites: {}
checks:
- allowed_methods
- backdoors
- backup_directories
- backup_files
- captcha
- code_injection
- code_injection_php_input_wrapper
- code_injection_timing
- common_directories
- common_files
- cookie_set_for_parent_domain
- credit_card
- csrf
- cvs_svn_users
- directory_listing
- emails
- file_inclusion
- form_upload
- hsts
- htaccess_limit
- html_objects
- http_only_cookies
- http_put
- insecure_client_access_policy
- insecure_cookies
- insecure_cors_policy
- insecure_cross_domain_policy_access
- insecure_cross_domain_policy_headers
- interesting_responses
- ldap_injection
- localstart_asp
- mixed_resource
- no_sql_injection
- no_sql_injection_differential
- origin_spoof_access_restriction_bypass
- os_cmd_injection
- os_cmd_injection_timing
- password_autocomplete
- path_traversal
- private_ip
- response_splitting
- rfi
- session_fixation
- source_code_disclosure
- sql_injection
- sql_injection_differential
- sql_injection_timing
- ssn
- trainer
- unencrypted_password_forms
- unvalidated_redirect
- unvalidated_redirect_dom
- webdav
- x_frame_options
- xpath_injection
- xss
- xss_dom
- xss_dom_inputs
- xss_dom_script_context
- xss_event
- xss_path
- xss_script_context
- xss_tag
- xst
- xxe
platforms: []
plugins:
autothrottle: {}
discovery: {}
healthmap: {}
timing_attacks: {}
uniformity: {}
no_fingerprinting: false
authorized_by:
url: http://testphp.vulnweb.com/
--------------------------------------------------------------------------------
[2015-05-04 09:43:20 -0500] Could not spawn browser process.
[2015-05-04 09:43:20 -0500] Fontconfig error: Cannot load default config file
PhantomJS has crashed. Please read the crash reporting guide at https://github.com/ariya/phantomjs/wiki/Crash-Reporting and file a bug report at https://github.com/ariya/phantomjs/issues/new with the crash dump file attached: /tmp/707ef7d6-05f4-8058-44405ca2-50fe79df.dmp
[2015-05-04 09:43:20 -0500] [Arachni::Browser::Error::Spawn] Could not start the browser process.
[2015-05-04 09:43:20 -0500] /root/arachni-1.1-0.5.7/system/gems/gems/arachni-1.1/lib/arachni/browser.rb:1046:in `spawn_browser'
[2015-05-04 09:43:20 -0500] /root/arachni-1.1-0.5.7/system/gems/gems/arachni-1.1/lib/arachni/browser.rb:957:in `selenium'
[2015-05-04 09:43:20 -0500] /root/arachni-1.1-0.5.7/system/gems/gems/arachni-1.1/lib/arachni/browser.rb:155:in `initialize'
[2015-05-04 09:43:20 -0500] /root/arachni-1.1-0.5.7/system/gems/gems/arachni-1.1/lib/arachni/browser_cluster/worker.rb:60:in `initialize'
[2015-05-04 09:43:20 -0500] /root/arachni-1.1-0.5.7/system/gems/gems/arachni-1.1/lib/arachni/browser_cluster.rb:391:in `new'
[2015-05-04 09:43:20 -0500] /root/arachni-1.1-0.5.7/system/gems/gems/arachni-1.1/lib/arachni/browser_cluster.rb:391:in `block in initialize_workers'
[2015-05-04 09:43:20 -0500] /root/arachni-1.1-0.5.7/system/gems/gems/arachni-1.1/lib/arachni/browser_cluster.rb:390:in `times'
[2015-05-04 09:43:20 -0500] /root/arachni-1.1-0.5.7/system/gems/gems/arachni-1.1/lib/arachni/browser_cluster.rb:390:in `initialize_workers'
[2015-05-04 09:43:20 -0500] /root/arachni-1.1-0.5.7/system/gems/gems/arachni-1.1/lib/arachni/browser_cluster.rb:131:in `initialize'
[2015-05-04 09:43:20 -0500] /root/arachni-1.1-0.5.7/system/gems/gems/arachni-1.1/lib/arachni/framework/parts/browser.rb:33:in `new'
[2015-05-04 09:43:20 -0500] /root/arachni-1.1-0.5.7/system/gems/gems/arachni-1.1/lib/arachni/framework/parts/browser.rb:33:in `block in browser_cluster'
[2015-05-04 09:43:20 -0500] /root/arachni-1.1-0.5.7/system/usr/lib/ruby/2.2.0/monitor.rb:211:in `mon_synchronize'
[2015-05-04 09:43:20 -0500] /root/arachni-1.1-0.5.7/system/gems/gems/arachni-1.1/lib/arachni/framework/parts/browser.rb:28:in `browser_cluster'
[2015-05-04 09:43:20 -0500] /root/arachni-1.1-0.5.7/system/gems/gems/arachni-1.1/lib/arachni/framework/parts/audit.rb:169:in `audit'
[2015-05-04 09:43:20 -0500] /root/arachni-1.1-0.5.7/system/gems/gems/arachni-1.1/lib/arachni/framework.rb:120:in `block in run'
[2015-05-04 09:43:20 -0500] /root/arachni-1.1-0.5.7/system/gems/gems/arachni-1.1/lib/arachni/utilities.rb:400:in `call'
[2015-05-04 09:43:20 -0500] /root/arachni-1.1-0.5.7/system/gems/gems/arachni-1.1/lib/arachni/utilities.rb:400:in `exception_jail'
[2015-05-04 09:43:20 -0500] /root/arachni-1.1-0.5.7/system/gems/gems/arachni-1.1/lib/arachni/framework.rb:120:in `run'
[2015-05-04 09:43:20 -0500] /root/arachni-1.1-0.5.7/system/gems/gems/arachni-1.1/lib/arachni/rpc/server/framework.rb:154:in `block in run'
[2015-05-04 09:43:20 -0500]
[2015-05-04 09:43:20 -0500] Parent:
[2015-05-04 09:43:20 -0500] Arachni::RPC::Server::Framework
[2015-05-04 09:43:20 -0500]
[2015-05-04 09:43:20 -0500] Block:
[2015-05-04 09:43:20 -0500] #<Proc:0x00000003cef5d8@/root/arachni-1.1-0.5.7/system/gems/gems/arachni-1.1/lib/arachni/framework.rb:120>
[2015-05-04 09:43:20 -0500]
[2015-05-04 09:43:20 -0500] Caller:
[2015-05-04 09:43:20 -0500] /root/arachni-1.1-0.5.7/system/gems/gems/arachni-1.1/lib/arachni/utilities.rb:400:in `exception_jail'
[2015-05-04 09:43:20 -0500] /root/arachni-1.1-0.5.7/system/gems/gems/arachni-1.1/lib/arachni/framework.rb:120:in `run'
[2015-05-04 09:43:20 -0500] /root/arachni-1.1-0.5.7/system/gems/gems/arachni-1.1/lib/arachni/rpc/server/framework.rb:154:in `block in run'
[2015-05-04 09:43:20 -0500] --------------------------------------------------------------------------------HERE DUMP
http://www.file-upload.net/download-10588737/707ef7d6-05f4-8058-44405ca2-50fe79df.dmp.html
Zapotek
commented
9 years ago I've never come across this before so it probably is an env issue, what OS/arch are you using?
d4op
commented
9 years ago CentOS 6 x64
Zapotek
commented
9 years ago Also, did the scan actually continue after that error?
d4op
commented
9 years ago It tells me initializing cluster stuff and then it hangs, it didnt even start to scan. after some time it stops and this error appears.
Zapotek
commented
9 years ago Ok, so no matter how many time it retries that error always happens. Can you please run the following commands and show me the output?
./bin/arachni_shell -c 'which phantomjs'./bin/arachni_shell -c 'phantomjs -v'./bin/arachni_shell -c 'phantomjs'./bin/arachni_shell -c 'phantomjs --webdriver=9999'd4op
commented
9 years ago d4op
commented
9 years ago ?
Zapotek
commented
9 years ago I'm not sure what's going on, everything looks good (that Fontconfig error is irrelevant).
Could you please give this a shot too?
./bin/arachni_shell -c 'phantomjs --webdriver=9999 --disk-cache=true'
Also, does the error occur when you run it as a non-root user?
d4op
commented
9 years ago arachni-1.1-0.5.7]# ./bin/arachni_shell -c 'phantomjs --webdriver=9999 --disk-cache=true' Fontconfig error: Cannot load default config file PhantomJS is launching GhostDriver... [INFO - 2015-05-05T11:50:20.649Z] GhostDriver - Main - running on port 9999
i am root
Zapotek
commented
9 years ago Yeah but does the issue occur when you run a scan as a regular user?
d4op
commented
9 years ago not tested.
d4op
commented
9 years ago deleted regular user
Zapotek
commented
9 years ago Could you please try it?
d4op
commented
9 years ago /root/arachni-1.1-0.5.7/system/gems/gems/simple_form-3.0.3/lib/simple_form/inputs/boolean_input.rb:38: warning: circular argument reference - unchecked_value
when starting up web ui is that importatnt ?
Zapotek
commented
9 years ago No not really.
d4op
commented
9 years ago same error when using a regular user
Zapotek
commented
9 years ago This is really strange, I'll have to reach out to the maintainers of the browser and see if they have any ideas.
Thanks for your feedback, much appreciated.
d4op
commented
9 years ago I, [2015-05-05T07:00:47.245215 #17533] INFO -- Call: service.native_progress [127.0.0.1]
thats the console print. while scaning
d4op
commented
9 years ago and i got around 11 core.XXXX files in my bin dir
Zapotek
commented
9 years ago For some reason the browser segfaults and creates those core dumps.
d4op
commented
9 years ago which browser is used ?
Zapotek
commented
9 years ago Arachni bundles and uses PhantomJS.
d4op
commented
9 years ago ./arachni --browser-cluster-pool-size 1 http://www.example.com working just fine. using 2 or more will cause in this error.
d4op
commented
9 years ago can i limit the cluster pool in the web ui ?
Zapotek
commented
9 years ago Yep, you can find that option in the Browser section of the Profile edit page.
d4op
commented
9 years ago ok will try
d4op
commented
9 years ago which setting ? Http request concurrency this ?
Zapotek
commented
9 years ago No, you'll find a "Browser cluster" section towards the bottom of the page.
Also, what specs does your machine have? CPU, RAM, disk space etc.
d4op
commented
9 years ago after setting it to 1 in default. its still not working @webui @cli it works
Zapotek
commented
9 years ago Could you please tell me the specs of your machine?
d4op
commented
9 years ago 2 vCore 2 GB 150 GB
Zapotek
commented
9 years ago I think it's safe to call this an env issue at this point.
Does dmesg include any output that relates to the issue?
Zapotek
commented
9 years ago Closing the issue but please let me know if anything comes up.
anandumdas
commented
7 years ago Had the same issue. Downloaded the latest nightlies. Works like charm.
Zapotek
commented
7 years ago @anandumdas The nighlties allow more time for the browser to start.
2015-05-04 09:43:19 -0500 --------------------------------------------------------------------------------
ENV:
CPLUS_INCLUDE_PATH: "/root/arachni-1.1-0.5.7/bin/../system/usr/include" LC_PAPER: de_DE.UTF-8 LC_ADDRESS: de_DE.UTF-8 LC_MONETARY: de_DE.UTF-8 HOSTNAME: xxxxxxxxx rvm_bin_path: "/usr/local/rvm/bin" GEM_HOME: "/root/arachni-1.1-0.5.7/system/gems" SHELL: "/bin/bash" TERM: xterm HISTSIZE: '1000' SSH_CLIENT: xxxxxxxxxxxxx 61089 22 IRBRC: "/root/arachni-1.1-0.5.7/bin/../system/usr/lib/ruby/.irbrc" LIBRARY_PATH: "/root/arachni-1.1-0.5.7/bin/../system/usr/lib" LC_NUMERIC: de_DE.UTF-8 MY_RUBY_HOME: "/root/arachni-1.1-0.5.7/bin/../system/usr/lib/ruby" SSH_TTY: "/dev/pts/0" USER: root LD_LIBRARY_PATH: "/root/arachni-1.1-0.5.7/bin/../system/usr/lib" LC_TELEPHONE: de_DE.UTF-8 LSCOLORS: 'rs=0:di=01;34:ln=01;36:mh=00:pi=40;33:so=01;35:do=01;35:bd=40;33;01:cd=40;33;01:or=40;31;01:mi=01;05;37;41:su=37;41:sg=30;43:ca=30;41:tw=30;42:ow=34;42:st=37;44:ex=01;32:.tar=01;31:.tgz=01;31:.arj=01;31:.taz=01;31:.lzh=01;31:.lzma=01;31:.tlz=01;31:.txz=01;31:.zip=01;31:.z=01;31:.Z=01;31:.dz=01;31:.gz=01;31:.lz=01;31:.xz=01;31:.bz2=01;31:.tbz=01;31:.tbz2=01;31:.bz=01;31:.tz=01;31:.deb=01;31:.rpm=01;31:.jar=01;31:.rar=01;31:.ace=01;31:.zoo=01;31:.cpio=01;31:.7z=01;31:.rz=01;31:.jpg=01;35:.jpeg=01;35:.gif=01;35:.bmp=01;35:.pbm=01;35:.pgm=01;35:.ppm=01;35:.tga=01;35:.xbm=01;35:.xpm=01;35:.tif=01;35:.tiff=01;35:.png=01;35:.svg=01;35:.svgz=01;35:.mng=01;35:.pcx=01;35:.mov=01;35:.mpg=01;35:.mpeg=01;35:.m2v=01;35:.mkv=01;35:.ogm=01;35:.mp4=01;35:.m4v=01;35:.mp4v=01;35:.vob=01;35:.qt=01;35:.nuv=01;35:.wmv=01;35:.asf=01;35:.rm=01;35:.rmvb=01;35:.flc=01;35:.avi=01;35:.fli=01;35:.flv=01;35:.gl=01;35:.dl=01;35:.xcf=01;35:.xwd=01;35:.yuv=01;35:.cgm=01;35:.emf=01;35:.axv=01;35:.anx=01;35:.ogv=01;35:.ogx=01;35:.aac=01;36:.au=01;36:.flac=01;36:.mid=01;36:.midi=01;36:.mka=01;36:.mp3=01;36:.mpc=01;36:.ogg=01;36:.ra=01;36:.wav=01;36:.axa=01;36:.oga=01;36:.spx=01;36:_.xspf=01;36:' _system_type: Linux rvm_path: "/usr/local/rvm" rvm_prefix: "/usr/local" PATH: "/root/arachni-1.1-0.5.7/system/gems/bin:/root/arachni-1.1-0.5.7/bin/../system/../bin:/root/arachni-1.1-0.5.7/bin/../system/usr/bin:/root/arachni-1.1-0.5.7/bin/../system/gems/bin:/usr/local/rvm/gems/ruby-2.2.0/bin:/usr/local/rvm/gems/ruby-2.2.0@global/bin:/usr/local/rvm/rubies/ruby-2.2.0/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/rvm/bin:/root/bin" MAIL: "/var/spool/mail/root" C_INCLUDE_PATH: "/root/arachni-1.1-0.5.7/bin/../system/usr/include" LC_IDENTIFICATION: de_DE.UTF-8 PWD: "/root/arachni-1.1-0.5.7/bin" ARACHNI_WEBUI_LOGDIR: "/root/arachni-1.1-0.5.7/bin/../system/logs/webui" LANG: en_US.UTF-8 LC_MEASUREMENT: de_DE.UTF-8 ARACHNI_FRAMEWORK_LOGDIR: "/root/arachni-1.1-0.5.7/bin/../system/logs/framework" _system_arch: x86_64 _system_version: '6' HISTCONTROL: ignoredups rvm_version: 1.26.10 (latest) HOME: "/root" SHLVL: '1' RAILS_ENV: production DYLD_LIBRARY_PATH: "/root/arachni-1.1-0.5.7/bin/../system/usr/lib" LOGNAME: root CVS_RSH: ssh SSH_CONNECTION: xxxxxxxxxxx 61089 xxxxxxxxxxxxxx GEM_PATH: "/root/arachni-1.1-0.5.7/bin/../system/gems" LESSOPEN: "||/usr/bin/lesspipe.sh %s" RUBYLIB: "/root/arachni-1.1-0.5.7/system/gems/gems/bundler-1.9.5/lib:/root/arachni-1.1-0.5.7/bin/../system/usr/lib/ruby:/root/arachni-1.1-0.5.7/bin/../system/usr/lib/ruby/site_ruby/2.2.0:/root/arachni-1.1-0.5.7/bin/../system/usr/lib/ruby/2.2.0:/root/arachni-1.1-0.5.7/bin/../system/usr/lib/ruby/2.2.0/x86_64-linux:/root/arachni-1.1-0.5.7/bin/../system/usr/lib/ruby/site_ruby/2.2.0/x86_64-linux" LC_TIME: de_DE.UTF-8 RUBY_VERSION: ruby-2.2.2 G_BROKEN_FILENAMES: '1' _system_name: CentOS LC_NAME: de_DE.UTF-8 RACK_ENV: development BUNDLE_GEMFILE: "/root/arachni-1.1-0.5.7/system/arachni-ui-web/Gemfile" _ORIGINAL_GEM_PATH: "/root/arachni-1.1-0.5.7/bin/../system/gems" BUNDLE_BIN_PATH: "/root/arachni-1.1-0.5.7/system/gems/gems/bundler-1.9.5/bin/bundle" RUBYOPT: "-rbundler/setup" MANPATH: "/root/arachni-1.1-0.5.7/system/gems/gems/kramdown-1.4.1/man"
BUNDLE_ORIG_MANPATH: "/root/arachni-1.1-0.5.7/system/gems/gems/kramdown-1.4.1/man"
OPTIONS:
session: {} audit: parameter_values: true exclude_vector_patterns: [] include_vector_patterns: [] link_templates: [] links: true forms: true cookies: true jsons: true xmls: true input: values: "(?i-mx:name)": arachni_name "(?i-mx:user)": arachni_user "(?i-mx:usr)": arachni_user "(?i-mx:pass)": 5543!%arachni_secret "(?i-mx:txt)": arachni_text "(?i-mx:num)": '132' "(?i-mx:amount)": '100' "(?i-mx:mail)": arachni@email.gr "(?i-mx:account)": '12' "(?i-mx:id)": '1' default_values: "(?i-mx:name)": arachni_name "(?i-mx:user)": arachni_user "(?i-mx:usr)": arachni_user "(?i-mx:pass)": 5543!%arachni_secret "(?i-mx:txt)": arachni_text "(?i-mx:num)": '132' "(?i-mx:amount)": '100' "(?i-mx:mail)": arachni@email.gr "(?i-mx:account)": '12' "(?i-mx:id)": '1' without_defaults: true force: false datastore: token: 3f8d3a924ede8d277feb935266330de2 http: user_agent: Arachni/v1.1 request_timeout: 10000 request_redirect_limit: 5 request_concurrency: 20 request_queue_size: 500 request_headers: {} response_max_size: 500000 cookies: {} browser_cluster: pool_size: 6 job_timeout: 15 worker_time_to_live: 100 ignore_images: false screen_width: 1600 screen_height: 1200 scope: redundant_path_patterns: {} dom_depth_limit: 5 exclude_path_patterns: [] exclude_content_patterns: [] include_path_patterns: [] restrict_paths: [] extend_paths: [] url_rewrites: {} checks:
xxe platforms: [] plugins: autothrottle: {} discovery: {} healthmap: {} timing_attacks: {} uniformity: {} no_fingerprinting: false authorized_by: url: http://testphp.vulnweb.com/
[2015-05-04 09:43:20 -0500] Could not spawn browser process. [2015-05-04 09:43:20 -0500] Fontconfig error: Cannot load default config file PhantomJS has crashed. Please read the crash reporting guide at https://github.com/ariya/phantomjs/wiki/Crash-Reporting and file a bug report at https://github.com/ariya/phantomjs/issues/new with the crash dump file attached: /tmp/707ef7d6-05f4-8058-44405ca2-50fe79df.dmp
[2015-05-04 09:43:20 -0500] [Arachni::Browser::Error::Spawn] Could not start the browser process. [2015-05-04 09:43:20 -0500] /root/arachni-1.1-0.5.7/system/gems/gems/arachni-1.1/lib/arachni/browser.rb:1046:in
spawn_browser' [2015-05-04 09:43:20 -0500] /root/arachni-1.1-0.5.7/system/gems/gems/arachni-1.1/lib/arachni/browser.rb:957:inselenium' [2015-05-04 09:43:20 -0500] /root/arachni-1.1-0.5.7/system/gems/gems/arachni-1.1/lib/arachni/browser.rb:155:ininitialize' [2015-05-04 09:43:20 -0500] /root/arachni-1.1-0.5.7/system/gems/gems/arachni-1.1/lib/arachni/browser_cluster/worker.rb:60:ininitialize' [2015-05-04 09:43:20 -0500] /root/arachni-1.1-0.5.7/system/gems/gems/arachni-1.1/lib/arachni/browser_cluster.rb:391:innew' [2015-05-04 09:43:20 -0500] /root/arachni-1.1-0.5.7/system/gems/gems/arachni-1.1/lib/arachni/browser_cluster.rb:391:inblock in initialize_workers' [2015-05-04 09:43:20 -0500] /root/arachni-1.1-0.5.7/system/gems/gems/arachni-1.1/lib/arachni/browser_cluster.rb:390:intimes' [2015-05-04 09:43:20 -0500] /root/arachni-1.1-0.5.7/system/gems/gems/arachni-1.1/lib/arachni/browser_cluster.rb:390:ininitialize_workers' [2015-05-04 09:43:20 -0500] /root/arachni-1.1-0.5.7/system/gems/gems/arachni-1.1/lib/arachni/browser_cluster.rb:131:ininitialize' [2015-05-04 09:43:20 -0500] /root/arachni-1.1-0.5.7/system/gems/gems/arachni-1.1/lib/arachni/framework/parts/browser.rb:33:innew' [2015-05-04 09:43:20 -0500] /root/arachni-1.1-0.5.7/system/gems/gems/arachni-1.1/lib/arachni/framework/parts/browser.rb:33:inblock in browser_cluster' [2015-05-04 09:43:20 -0500] /root/arachni-1.1-0.5.7/system/usr/lib/ruby/2.2.0/monitor.rb:211:inmon_synchronize' [2015-05-04 09:43:20 -0500] /root/arachni-1.1-0.5.7/system/gems/gems/arachni-1.1/lib/arachni/framework/parts/browser.rb:28:inbrowser_cluster' [2015-05-04 09:43:20 -0500] /root/arachni-1.1-0.5.7/system/gems/gems/arachni-1.1/lib/arachni/framework/parts/audit.rb:169:inaudit' [2015-05-04 09:43:20 -0500] /root/arachni-1.1-0.5.7/system/gems/gems/arachni-1.1/lib/arachni/framework.rb:120:inblock in run' [2015-05-04 09:43:20 -0500] /root/arachni-1.1-0.5.7/system/gems/gems/arachni-1.1/lib/arachni/utilities.rb:400:incall' [2015-05-04 09:43:20 -0500] /root/arachni-1.1-0.5.7/system/gems/gems/arachni-1.1/lib/arachni/utilities.rb:400:inexception_jail' [2015-05-04 09:43:20 -0500] /root/arachni-1.1-0.5.7/system/gems/gems/arachni-1.1/lib/arachni/framework.rb:120:inrun' [2015-05-04 09:43:20 -0500] /root/arachni-1.1-0.5.7/system/gems/gems/arachni-1.1/lib/arachni/rpc/server/framework.rb:154:inblock in run' [2015-05-04 09:43:20 -0500] [2015-05-04 09:43:20 -0500] Parent: [2015-05-04 09:43:20 -0500] Arachni::RPC::Server::Framework [2015-05-04 09:43:20 -0500] [2015-05-04 09:43:20 -0500] Block: [2015-05-04 09:43:20 -0500] #<Proc:0x00000003cef5d8@/root/arachni-1.1-0.5.7/system/gems/gems/arachni-1.1/lib/arachni/framework.rb:120> [2015-05-04 09:43:20 -0500] [2015-05-04 09:43:20 -0500] Caller: [2015-05-04 09:43:20 -0500] /root/arachni-1.1-0.5.7/system/gems/gems/arachni-1.1/lib/arachni/utilities.rb:400:inexception_jail' [2015-05-04 09:43:20 -0500] /root/arachni-1.1-0.5.7/system/gems/gems/arachni-1.1/lib/arachni/framework.rb:120:inrun' [2015-05-04 09:43:20 -0500] /root/arachni-1.1-0.5.7/system/gems/gems/arachni-1.1/lib/arachni/rpc/server/framework.rb:154:inblock in run' [2015-05-04 09:43:20 -0500] --------------------------------------------------------------------------------