mdembree
commented
8 years ago Arachni is not running on Windows, it is running in a RHEL 7.1 VM.
Closed mdembree closed 8 years ago
mdembree
commented
8 years ago Arachni is not running on Windows, it is running in a RHEL 7.1 VM.
Zapotek
commented
8 years ago Is the CLI working?
mdembree
commented
8 years ago I have just run one small scan with it but yes the CLI appears to work.
Zapotek
commented
8 years ago Couldn't reproduce it, could it have been an one-off? Can you reproduce the issue reliably?
mdembree
commented
8 years ago I just ran it again in the WebUI and have the same issue.
--------------------------------------------------------------------------------
OPTIONS:
---
datastore:
token: dd3549f2566b7807fddfe1e625058f65
browser_cluster:
local_storage: {}
wait_for_elements: {}
pool_size: 6
job_timeout: 25
worker_time_to_live: 100
ignore_images: false
screen_width: 1600
screen_height: 1200
scope:
redundant_path_patterns: {}
dom_depth_limit: 5
exclude_file_extensions: []
exclude_path_patterns: []
exclude_content_patterns: []
include_path_patterns: []
restrict_paths: []
extend_paths: []
url_rewrites: {}
audit:
parameter_values: true
exclude_vector_patterns: []
include_vector_patterns: []
link_templates: []
links: true
forms: true
cookies: true
jsons: true
xmls: true
ui_forms: true
ui_inputs: true
input:
values:
name: arachni_name
user: arachni_user
usr: arachni_user
pass: 5543!%arachni_secret
txt: arachni_text
num: '132'
amount: '100'
mail: arachni@email.gr
account: '12'
id: '1'
default_values:
name: arachni_name
user: arachni_user
usr: arachni_user
pass: 5543!%arachni_secret
txt: arachni_text
num: '132'
amount: '100'
mail: arachni@email.gr
account: '12'
id: '1'
without_defaults: true
force: false
http:
user_agent: Arachni/v1.3.2
request_timeout: 10000
request_redirect_limit: 5
request_concurrency: 20
request_queue_size: 100
request_headers: {}
response_max_size: 500000
cookies: {}
session: {}
checks:
- allowed_methods
- backdoors
- backup_directories
- backup_files
- captcha
- code_injection
- code_injection_php_input_wrapper
- code_injection_timing
- common_admin_interfaces
- common_directories
- common_files
- cookie_set_for_parent_domain
- credit_card
- csrf
- cvs_svn_users
- directory_listing
- emails
- file_inclusion
- form_upload
- hsts
- htaccess_limit
- html_objects
- http_only_cookies
- http_put
- insecure_client_access_policy
- insecure_cookies
- insecure_cors_policy
- insecure_cross_domain_policy_access
- insecure_cross_domain_policy_headers
- interesting_responses
- ldap_injection
- localstart_asp
- mixed_resource
- no_sql_injection
- no_sql_injection_differential
- origin_spoof_access_restriction_bypass
- os_cmd_injection
- os_cmd_injection_timing
- password_autocomplete
- path_traversal
- private_ip
- response_splitting
- rfi
- session_fixation
- source_code_disclosure
- sql_injection
- sql_injection_differential
- sql_injection_timing
- ssn
- trainer
- unencrypted_password_forms
- unvalidated_redirect
- unvalidated_redirect_dom
- webdav
- x_frame_options
- xpath_injection
- xss
- xss_dom
- xss_dom_script_context
- xss_event
- xss_path
- xss_script_context
- xss_tag
- xst
- xxe
platforms: []
plugins:
autothrottle: {}
discovery: {}
healthmap: {}
timing_attacks: {}
uniformity: {}
no_fingerprinting: false
authorized_by:
url: https://dev.iweb.internal/
--------------------------------------------------------------------------------
[2015-12-10 16:18:24 -0400] Could not spawn browser process.
[2015-12-10 16:18:24 -0400] 19206: Started
PID: 19209
19206: Working
19206: Working
19206: EOF
19206: Exiting
[2015-12-10 16:18:24 -0400] [Arachni::Browser::Error::Spawn] Could not start the browser process.
[2015-12-10 16:18:24 -0400] /home/user/apps/arachni-2.0dev-1.0dev_20151209/system/gems/bundler/gems/arachni-91c6b11fcb03/lib/arachni/browser.rb:1211:in `spawn_browser'
[2015-12-10 16:18:24 -0400] /home/user/apps/arachni-2.0dev-1.0dev_20151209/system/gems/bundler/gems/arachni-91c6b11fcb03/lib/arachni/browser.rb:1107:in `selenium'
[2015-12-10 16:18:24 -0400] /home/user/apps/arachni-2.0dev-1.0dev_20151209/system/gems/bundler/gems/arachni-91c6b11fcb03/lib/arachni/browser.rb:197:in `initialize'
[2015-12-10 16:18:24 -0400] /home/user/apps/arachni-2.0dev-1.0dev_20151209/system/gems/bundler/gems/arachni-91c6b11fcb03/lib/arachni/browser_cluster/worker.rb:59:in `initialize'
[2015-12-10 16:18:24 -0400] /home/user/apps/arachni-2.0dev-1.0dev_20151209/system/gems/bundler/gems/arachni-91c6b11fcb03/lib/arachni/browser_cluster.rb:475:in `new'
[2015-12-10 16:18:24 -0400] /home/user/apps/arachni-2.0dev-1.0dev_20151209/system/gems/bundler/gems/arachni-91c6b11fcb03/lib/arachni/browser_cluster.rb:475:in `block in initialize_workers'
[2015-12-10 16:18:24 -0400] /home/user/apps/arachni-2.0dev-1.0dev_20151209/system/gems/bundler/gems/arachni-91c6b11fcb03/lib/arachni/browser_cluster.rb:474:in `times'
[2015-12-10 16:18:24 -0400] /home/user/apps/arachni-2.0dev-1.0dev_20151209/system/gems/bundler/gems/arachni-91c6b11fcb03/lib/arachni/browser_cluster.rb:474:in `initialize_workers'
[2015-12-10 16:18:24 -0400] /home/user/apps/arachni-2.0dev-1.0dev_20151209/system/gems/bundler/gems/arachni-91c6b11fcb03/lib/arachni/browser_cluster.rb:119:in `initialize'
[2015-12-10 16:18:24 -0400] /home/user/apps/arachni-2.0dev-1.0dev_20151209/system/gems/bundler/gems/arachni-91c6b11fcb03/lib/arachni/framework/parts/browser.rb:33:in `new'
[2015-12-10 16:18:24 -0400] /home/user/apps/arachni-2.0dev-1.0dev_20151209/system/gems/bundler/gems/arachni-91c6b11fcb03/lib/arachni/framework/parts/browser.rb:33:in `block in browser_cluster'
[2015-12-10 16:18:24 -0400] /home/user/apps/arachni-2.0dev-1.0dev_20151209/system/usr/lib/ruby/2.2.0/monitor.rb:211:in `mon_synchronize'
[2015-12-10 16:18:24 -0400] /home/user/apps/arachni-2.0dev-1.0dev_20151209/system/gems/bundler/gems/arachni-91c6b11fcb03/lib/arachni/framework/parts/browser.rb:28:in `browser_cluster'
[2015-12-10 16:18:24 -0400] /home/user/apps/arachni-2.0dev-1.0dev_20151209/system/gems/bundler/gems/arachni-91c6b11fcb03/lib/arachni/framework/parts/audit.rb:167:in `audit'
[2015-12-10 16:18:24 -0400] Parent:
[2015-12-10 16:18:24 -0400] Arachni::RPC::Server::Framework
[2015-12-10 16:18:24 -0400]
[2015-12-10 16:18:24 -0400] Block:
[2015-12-10 16:18:24 -0400] #<Proc:0x0000000530a390@/home/user/apps/arachni-2.0dev-1.0dev_20151209/system/gems/bundler/gems/arachni-91c6b11fcb03/lib/arachni/framework.rb:117>
[2015-12-10 16:18:24 -0400]
[2015-12-10 16:18:24 -0400] Caller:
[2015-12-10 16:18:24 -0400] /home/user/apps/arachni-2.0dev-1.0dev_20151209/system/gems/bundler/gems/arachni-91c6b11fcb03/lib/arachni/utilities.rb:425:in `exception_jail'
[2015-12-10 16:18:24 -0400] /home/user/apps/arachni-2.0dev-1.0dev_20151209/system/gems/bundler/gems/arachni-91c6b11fcb03/lib/arachni/framework.rb:117:in `run'
[2015-12-10 16:18:24 -0400] /home/user/apps/arachni-2.0dev-1.0dev_20151209/system/gems/bundler/gems/arachni-91c6b11fcb03/lib/arachni/rpc/server/framework.rb:156:in `block in run'
[2015-12-10 16:18:24 -0400] --------------------------------------------------------------------------------I have tried several scans from the WebUI, all have scanned nothing. The last scan above ended on its own, but I ran several prior, including the first scan above, that ran long enough doing nothing that I cancelled them.
Zapotek
commented
8 years ago I don't understand this, there's no error about PhantomJS being missing (because it's not) but there's no output from it either.
Are you doing anything irregular with your setup?
Does just running bin/arachni_web and then visiting localhost:9292 and starting a scan work?
This is strange.
mdembree
commented
8 years ago The set up is identical for both the current release that works and the
nightly that doesn't, the only thing I changed within the nightly (and
release) directory structure was the database.yml to point it at
PostgreSQL and the config.ru to specify host 0.0.0.0. The WebUI works, I
can view existing scans, and can start new ones, they just don't do
anything.
I even use the same command lines to execute them, I have a
link 'arachni' defined that I repoint to whichever Arachni directory I'm
using and have 'arachni/bin' in my PATH env.
On Thu, Dec 10, 2015 at 4:48 PM, Tasos Laskos notifications@github.com wrote:
I don't understand this, there's no error about PhantomJS being missing (because it's not) but there's no output from it either.
Are you doing anything irregular with your setup? Does just running bin/arachni_web and then visiting localhost:9292 and starting a scan work?
This is strange.
— Reply to this email directly or view it on GitHub https://github.com/Arachni/arachni/issues/648#issuecomment-163744961.
Zapotek
commented
8 years ago Can you please extract the nightly package to a different directory to which you have write access and try using it directly, without any sort of modifications? I need to know if that makes a difference.
mdembree
commented
8 years ago I have installed the latest nightly (2015-12-10) without any changes at all, and, from its bin directory, executed
./arachni_web --host 0.0.0.0
and then attempted to use the WebUI to scan a site.
The results were the same, no pages on the site were scanned and the scan failed with the following error file.
Arachni is running on a RHEL 7.1 VM which doesn't have X installed. I access the Arachni WebUI from a browser on a separate host, generally via an Apache HTTPS reverse proxy that is running on the same server as Arachni.
2015-12-11 12:01:01 -0400 --------------------------------------------------------------------------------
ENV:
---
CPLUS_INCLUDE_PATH: "/home/user/apps/arachni-2.0dev-1.0dev_20151210/bin/../system/usr/include"
XDG_SESSION_ID: c23
HOSTNAME: as1217.xxx.xxx.xxx.xxx
SELINUX_ROLE_REQUESTED: ''
GEM_HOME: "/home/user/apps/arachni-2.0dev-1.0dev_20151210/system/gems"
TERM: screen
SHELL: "/bin/bash"
HISTSIZE: '1000'
IRBRC: "/home/user/apps/arachni-2.0dev-1.0dev_20151210/bin/../system/usr/lib/ruby/.irbrc"
SSH_CLIENT: 10.x.x.x 52395 22
LIBRARY_PATH: "/home/user/apps/arachni-2.0dev-1.0dev_20151210/bin/../system/usr/lib"
ARACHNI_HOME: "/home/user/apps/arachni"
CDC_PREW2KHOST: as1217
SELINUX_USE_CURRENT_RANGE: ''
MY_RUBY_HOME: "/home/user/apps/arachni-2.0dev-1.0dev_20151210/bin/../system/usr/lib/ruby"
SSH_TTY: "/dev/pts/0"
USER: user
LD_LIBRARY_PATH: "/home/user/apps/arachni-2.0dev-1.0dev_20151210/bin/../system/usr/lib"
LS_COLORS: 'rs=0:di=01;34:ln=01;36:mh=00:pi=40;33:so=01;35:do=01;35:bd=40;33;01:cd=40;33;01:or=40;31;01:mi=01;05;37;41:su=37;41:sg=30;43:ca=30;41:tw=30;42:ow=34;42:st=37;44:ex=01;32:*.tar=01;31:*.tgz=01;31:*.arc=01;31:*.arj=01;31:*.taz=01;31:*.lha=01;31:*.lz4=01;31:*.lzh=01;31:*.lzma=01;31:*.tlz=01;31:*.txz=01;31:*.tzo=01;31:*.t7z=01;31:*.zip=01;31:*.z=01;31:*.Z=01;31:*.dz=01;31:*.gz=01;31:*.lrz=01;31:*.lz=01;31:*.lzo=01;31:*.xz=01;31:*.bz2=01;31:*.bz=01;31:*.tbz=01;31:*.tbz2=01;31:*.tz=01;31:*.deb=01;31:*.rpm=01;31:*.jar=01;31:*.war=01;31:*.ear=01;31:*.sar=01;31:*.rar=01;31:*.alz=01;31:*.ace=01;31:*.zoo=01;31:*.cpio=01;31:*.7z=01;31:*.rz=01;31:*.cab=01;31:*.jpg=01;35:*.jpeg=01;35:*.gif=01;35:*.bmp=01;35:*.pbm=01;35:*.pgm=01;35:*.ppm=01;35:*.tga=01;35:*.xbm=01;35:*.xpm=01;35:*.tif=01;35:*.tiff=01;35:*.png=01;35:*.svg=01;35:*.svgz=01;35:*.mng=01;35:*.pcx=01;35:*.mov=01;35:*.mpg=01;35:*.mpeg=01;35:*.m2v=01;35:*.mkv=01;35:*.webm=01;35:*.ogm=01;35:*.mp4=01;35:*.m4v=01;35:*.mp4v=01;35:*.vob=01;35:*.qt=01;35:*.nuv=01;35:*.wmv=01;35:*.asf=01;35:*.rm=01;35:*.rmvb=01;35:*.flc=01;35:*.avi=01;35:*.fli=01;35:*.flv=01;35:*.gl=01;35:*.dl=01;35:*.xcf=01;35:*.xwd=01;35:*.yuv=01;35:*.cgm=01;35:*.emf=01;35:*.axv=01;35:*.anx=01;35:*.ogv=01;35:*.ogx=01;35:*.aac=01;36:*.au=01;36:*.flac=01;36:*.mid=01;36:*.midi=01;36:*.mka=01;36:*.mp3=01;36:*.mpc=01;36:*.ogg=01;36:*.ra=01;36:*.wav=01;36:*.axa=01;36:*.oga=01;36:*.spx=01;36:*.xspf=01;36:'
TERMCAP: "SC|screen|VT 100/ANSI X3.64 virtual terminal:\\\n\t:DO=\\E[%dB:LE=\\E[%dD:RI=\\E[%dC:UP=\\E[%dA:bs:bt=\\E[Z:\\\n\t:cd=\\E[J:ce=\\E[K:cl=\\E[H\\E[J:cm=\\E[%i%d;%dH:ct=\\E[3g:\\\n\t:do=^J:nd=\\E[C:pt:rc=\\E8:rs=\\Ec:sc=\\E7:st=\\EH:up=\\EM:\\\n\t:le=^H:bl=^G:cr=^M:it#8:ho=\\E[H:nw=\\EE:ta=^I:is=\\E)0:\\\n\t:li#24:co#167:am:xn:xv:LP:sr=\\EM:al=\\E[L:AL=\\E[%dL:\\\n\t:cs=\\E[%i%d;%dr:dl=\\E[M:DL=\\E[%dM:dc=\\E[P:DC=\\E[%dP:\\\n\t:im=\\E[4h:ei=\\E[4l:mi:IC=\\E[%d@:ks=\\E[?1h\\E=:\\\n\t:ke=\\E[?1l\\E>:vi=\\E[?25l:ve=\\E[34h\\E[?25h:vs=\\E[34l:\\\n\t:ti=\\E[?1049h:te=\\E[?1049l:us=\\E[4m:ue=\\E[24m:so=\\E[3m:\\\n\t:se=\\E[23m:mb=\\E[5m:md=\\E[1m:mr=\\E[7m:me=\\E[m:ms:\\\n\t:Co#8:pa#64:AF=\\E[3%dm:AB=\\E[4%dm:op=\\E[39;49m:AX:\\\n\t:vb=\\Eg:G0:as=\\E(0:ae=\\E(B:\\\n\t:ac=\\140\\140aaffggjjkkllmmnnooppqqrrssttuuvvwwxxyyzz{{||}}~~..--++,,hhII00:\\\n\t:po=\\E[5i:pf=\\E[4i:Km=\\E[M:k0=\\E[10~:k1=\\EOP:k2=\\EOQ:\\\n\t:k3=\\EOR:k4=\\EOS:k5=\\E[15~:k6=\\E[17~:k7=\\E[18~:\\\n\t:k8=\\E[19~:k9=\\E[20~:k;=\\E[21~:F1=\\E[23~:F2=\\E[24~:\\\n\t:F3=\\E[1;2P:F4=\\E[1;2Q:F5=\\E[1;2R:F6=\\E[1;2S:\\\n\t:F7=\\E[15;2~:F8=\\E[17;2~:F9=\\E[18;2~:FA=\\E[19;2~:kb=\x7F:\\\n\t:K2=\\EOE:kB=\\E[Z:kF=\\E[1;2B:kR=\\E[1;2A:*4=\\E[3;2~:\\\n\t:*7=\\E[1;2F:#2=\\E[1;2H:#3=\\E[2;2~:#4=\\E[1;2D:%c=\\E[6;2~:\\\n\t:%e=\\E[5;2~:%i=\\E[1;2C:kh=\\E[1~:@1=\\E[1~:kH=\\E[4~:\\\n\t:@7=\\E[4~:kN=\\E[6~:kP=\\E[5~:kI=\\E[2~:kD=\\E[3~:ku=\\EOA:\\\n\t:kd=\\EOB:kr=\\EOC:kl=\\EOD:km:"
DA_SESSION_ID_AUTH: 8965fc3c-37db-c14b-916c-ab8f53b0aacc
MAIL: "/var/spool/mail/user"
PATH: "/home/user/apps/arachni-2.0dev-1.0dev_20151210/system/gems/bin:/home/user/apps/arachni-2.0dev-1.0dev_20151210/bin/../system/../bin:/home/user/apps/arachni-2.0dev-1.0dev_20151210/bin/../system/usr/bin:/home/user/apps/arachni-2.0dev-1.0dev_20151210/bin/../system/gems/bin:/usr/share/centrifydc/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/sbin:/usr/sbin:/home/user/.local/bin:/home/user/bin:/home/user/apps/arachni/bin"
STY: 5310.pts-0.as1217
C_INCLUDE_PATH: "/home/user/apps/arachni-2.0dev-1.0dev_20151210/bin/../system/usr/include"
PWD: "/home/user/apps/arachni-2.0dev-1.0dev_20151210/bin"
ARACHNI_WEBUI_LOGDIR: "/home/user/apps/arachni-2.0dev-1.0dev_20151210/bin/../system/logs/webui"
LANG: en_US.UTF-8
ARACHNI_FRAMEWORK_LOGDIR: "/home/user/apps/arachni-2.0dev-1.0dev_20151210/bin/../system/logs/framework"
USER_PRINCIPAL_NAME: user@xxx.xxx.xxx.xxx
SELINUX_LEVEL_REQUESTED: ''
HISTCONTROL: ignoredups
CDC_JOINED_DC: xxx.xxx.xxx.xxx.xxx
SHLVL: '2'
HOME: "/home/user/apps/arachni-2.0dev-1.0dev_20151210/bin/../system/home/arachni"
CDC_JOINED_SITE: Data-Centre-Servers
RAILS_ENV: production
DYLD_LIBRARY_PATH: "/home/user/apps/arachni-2.0dev-1.0dev_20151210/bin/../system/usr/lib"
LOGNAME: user
WINDOW: '0'
GEM_PATH: "/home/user/apps/arachni-2.0dev-1.0dev_20151210/bin/../system/gems"
SSH_CONNECTION: 10.x.x.x 52395 10.y.y.y 22
LESSOPEN: "||/usr/bin/lesspipe.sh %s"
CDC_JOINED_ZONE: CN=xxx,OU=xxx,DC=xxx
XDG_RUNTIME_DIR: "/run/user/285218791"
CDC_LOCALHOST: as1217.xxx.xxx.xxx.xxx
RUBYLIB: "/home/user/apps/arachni-2.0dev-1.0dev_20151210/system/gems/gems/bundler-1.10.6/lib:/home/user/apps/arachni-2.0dev-1.0dev_20151210/bin/../system/usr/lib/ruby:/home/user/apps/arachni-2.0dev-1.0dev_20151210/bin/../system/usr/lib/ruby/site_ruby/2.2.0:/home/user/apps/arachni-2.0dev-1.0dev_20151210/bin/../system/usr/lib/ruby/2.2.0:/home/user/apps/arachni-2.0dev-1.0dev_20151210/bin/../system/usr/lib/ruby/2.2.0/x86_64-linux:/home/user/apps/arachni-2.0dev-1.0dev_20151210/bin/../system/usr/lib/ruby/site_ruby/2.2.0/x86_64-linux"
RUBY_VERSION: ruby-2.2.3
CDC_JOINED_DOMAIN: xxx.xxx.xxx.xxx
RACK_ENV: development
BUNDLE_GEMFILE: "/home/user/apps/arachni-2.0dev-1.0dev_20151210/system/arachni-ui-web/Gemfile"
_ORIGINAL_GEM_PATH: "/home/user/apps/arachni-2.0dev-1.0dev_20151210/bin/../system/gems"
BUNDLE_BIN_PATH: "/home/user/apps/arachni-2.0dev-1.0dev_20151210/system/gems/gems/bundler-1.10.6/bin/bundle"
RUBYOPT: "-rbundler/setup"
MANPATH: "/home/user/apps/arachni-2.0dev-1.0dev_20151210/system/gems/gems/kramdown-1.4.1/man"
BUNDLE_ORIG_MANPATH: "/home/user/apps/arachni-2.0dev-1.0dev_20151210/system/gems/gems/kramdown-1.4.1/man"
--------------------------------------------------------------------------------
OPTIONS:
---
datastore:
token: 25ecdcdc623e58b60d29d51aab097abd
browser_cluster:
local_storage: {}
wait_for_elements: {}
pool_size: 6
job_timeout: 25
worker_time_to_live: 100
ignore_images: false
screen_width: 1600
screen_height: 1200
scope:
redundant_path_patterns: {}
dom_depth_limit: 5
exclude_file_extensions: []
exclude_path_patterns: []
exclude_content_patterns: []
include_path_patterns: []
restrict_paths: []
extend_paths: []
url_rewrites: {}
audit:
parameter_values: true
exclude_vector_patterns: []
include_vector_patterns: []
link_templates: []
links: true
forms: true
cookies: true
jsons: true
xmls: true
ui_forms: true
ui_inputs: true
input:
values:
name: arachni_name
user: arachni_user
usr: arachni_user
pass: 5543!%arachni_secret
txt: arachni_text
num: '132'
amount: '100'
mail: arachni@email.gr
account: '12'
id: '1'
default_values:
name: arachni_name
user: arachni_user
usr: arachni_user
pass: 5543!%arachni_secret
txt: arachni_text
num: '132'
amount: '100'
mail: arachni@email.gr
account: '12'
id: '1'
without_defaults: true
force: false
http:
user_agent: Arachni/v2.0dev
request_timeout: 10000
request_redirect_limit: 5
request_concurrency: 20
request_queue_size: 100
request_headers: {}
response_max_size: 500000
cookies: {}
session: {}
checks:
- allowed_methods
- backdoors
- backup_directories
- backup_files
- captcha
- code_injection
- code_injection_php_input_wrapper
- code_injection_timing
- common_admin_interfaces
- common_directories
- common_files
- cookie_set_for_parent_domain
- credit_card
- csrf
- cvs_svn_users
- directory_listing
- emails
- file_inclusion
- form_upload
- hsts
- htaccess_limit
- html_objects
- http_only_cookies
- http_put
- insecure_client_access_policy
- insecure_cookies
- insecure_cors_policy
- insecure_cross_domain_policy_access
- insecure_cross_domain_policy_headers
- interesting_responses
- ldap_injection
- localstart_asp
- mixed_resource
- no_sql_injection
- no_sql_injection_differential
- origin_spoof_access_restriction_bypass
- os_cmd_injection
- os_cmd_injection_timing
- password_autocomplete
- path_traversal
- private_ip
- response_splitting
- rfi
- session_fixation
- source_code_disclosure
- sql_injection
- sql_injection_differential
- sql_injection_timing
- ssn
- trainer
- unencrypted_password_forms
- unvalidated_redirect
- unvalidated_redirect_dom
- webdav
- x_frame_options
- xpath_injection
- xss
- xss_dom
- xss_dom_script_context
- xss_event
- xss_path
- xss_script_context
- xss_tag
- xst
- xxe
platforms: []
plugins:
autothrottle: {}
discovery: {}
healthmap: {}
timing_attacks: {}
uniformity: {}
no_fingerprinting: false
authorized_by:
url: https://dev.iweb.xxx.xxx.xxx/
--------------------------------------------------------------------------------
[2015-12-11 12:01:01 -0400] Could not spawn browser process.
[2015-12-11 12:01:01 -0400] 10170: Started
PID: 10173
10170: Working
10170: Working
10170: EOF
10170: Exiting
[2015-12-11 12:01:01 -0400] [Arachni::Browser::Error::Spawn] Could not start the browser process.
[2015-12-11 12:01:01 -0400] /home/user/apps/arachni-2.0dev-1.0dev_20151210/system/gems/bundler/gems/arachni-5b23971d095c/lib/arachni/browser.rb:1211:in `spawn_browser'
[2015-12-11 12:01:01 -0400] /home/user/apps/arachni-2.0dev-1.0dev_20151210/system/gems/bundler/gems/arachni-5b23971d095c/lib/arachni/browser.rb:1107:in `selenium'
[2015-12-11 12:01:01 -0400] /home/user/apps/arachni-2.0dev-1.0dev_20151210/system/gems/bundler/gems/arachni-5b23971d095c/lib/arachni/browser.rb:197:in `initialize'
[2015-12-11 12:01:01 -0400] /home/user/apps/arachni-2.0dev-1.0dev_20151210/system/gems/bundler/gems/arachni-5b23971d095c/lib/arachni/browser_cluster/worker.rb:59:in `initialize'
[2015-12-11 12:01:01 -0400] /home/user/apps/arachni-2.0dev-1.0dev_20151210/system/gems/bundler/gems/arachni-5b23971d095c/lib/arachni/browser_cluster.rb:475:in `new'
[2015-12-11 12:01:01 -0400] /home/user/apps/arachni-2.0dev-1.0dev_20151210/system/gems/bundler/gems/arachni-5b23971d095c/lib/arachni/browser_cluster.rb:475:in `block in initialize_workers'
[2015-12-11 12:01:01 -0400] /home/user/apps/arachni-2.0dev-1.0dev_20151210/system/gems/bundler/gems/arachni-5b23971d095c/lib/arachni/browser_cluster.rb:474:in `times'
[2015-12-11 12:01:01 -0400] /home/user/apps/arachni-2.0dev-1.0dev_20151210/system/gems/bundler/gems/arachni-5b23971d095c/lib/arachni/browser_cluster.rb:474:in `initialize_workers'
[2015-12-11 12:01:01 -0400] /home/user/apps/arachni-2.0dev-1.0dev_20151210/system/gems/bundler/gems/arachni-5b23971d095c/lib/arachni/browser_cluster.rb:119:in `initialize'
[2015-12-11 12:01:01 -0400] /home/user/apps/arachni-2.0dev-1.0dev_20151210/system/gems/bundler/gems/arachni-5b23971d095c/lib/arachni/framework/parts/browser.rb:33:in `new'
[2015-12-11 12:01:01 -0400] /home/user/apps/arachni-2.0dev-1.0dev_20151210/system/gems/bundler/gems/arachni-5b23971d095c/lib/arachni/framework/parts/browser.rb:33:in `block in browser_cluster'
[2015-12-11 12:01:01 -0400] /home/user/apps/arachni-2.0dev-1.0dev_20151210/system/usr/lib/ruby/2.2.0/monitor.rb:211:in `mon_synchronize'
[2015-12-11 12:01:01 -0400] /home/user/apps/arachni-2.0dev-1.0dev_20151210/system/gems/bundler/gems/arachni-5b23971d095c/lib/arachni/framework/parts/browser.rb:28:in `browser_cluster'
[2015-12-11 12:01:01 -0400] /home/user/apps/arachni-2.0dev-1.0dev_20151210/system/gems/bundler/gems/arachni-5b23971d095c/lib/arachni/framework/parts/audit.rb:167:in `audit'
[2015-12-11 12:01:01 -0400] /home/user/apps/arachni-2.0dev-1.0dev_20151210/system/gems/bundler/gems/arachni-5b23971d095c/lib/arachni/framework.rb:117:in `block in run'
[2015-12-11 12:01:01 -0400] /home/user/apps/arachni-2.0dev-1.0dev_20151210/system/gems/bundler/gems/arachni-5b23971d095c/lib/arachni/utilities.rb:425:in `call'
[2015-12-11 12:01:01 -0400] /home/user/apps/arachni-2.0dev-1.0dev_20151210/system/gems/bundler/gems/arachni-5b23971d095c/lib/arachni/utilities.rb:425:in `exception_jail'
[2015-12-11 12:01:01 -0400] /home/user/apps/arachni-2.0dev-1.0dev_20151210/system/gems/bundler/gems/arachni-5b23971d095c/lib/arachni/framework.rb:117:in `run'
[2015-12-11 12:01:01 -0400] /home/user/apps/arachni-2.0dev-1.0dev_20151210/system/gems/bundler/gems/arachni-5b23971d095c/lib/arachni/rpc/server/framework.rb:156:in `block in run'
[2015-12-11 12:01:01 -0400]
[2015-12-11 12:01:01 -0400] Parent:
[2015-12-11 12:01:01 -0400] Arachni::RPC::Server::Framework
[2015-12-11 12:01:01 -0400]
[2015-12-11 12:01:01 -0400] Block:
[2015-12-11 12:01:01 -0400] #<Proc:0x00000003ab2a18@/home/user/apps/arachni-2.0dev-1.0dev_20151210/system/gems/bundler/gems/arachni-5b23971d095c/lib/arachni/framework.rb:117>
[2015-12-11 12:01:01 -0400]
[2015-12-11 12:01:01 -0400] Caller:
[2015-12-11 12:01:01 -0400] /home/user/apps/arachni-2.0dev-1.0dev_20151210/system/gems/bundler/gems/arachni-5b23971d095c/lib/arachni/utilities.rb:425:in `exception_jail'
[2015-12-11 12:01:01 -0400] /home/user/apps/arachni-2.0dev-1.0dev_20151210/system/gems/bundler/gems/arachni-5b23971d095c/lib/arachni/framework.rb:117:in `run'
[2015-12-11 12:01:01 -0400] /home/user/apps/arachni-2.0dev-1.0dev_20151210/system/gems/bundler/gems/arachni-5b23971d095c/lib/arachni/rpc/server/framework.rb:156:in `block in run'
[2015-12-11 12:01:01 -0400] --------------------------------------------------------------------------------Thanks for this, can you please show me the output of:
./bin/arachni_shell -c 'phantomjs --webdriver=9999'This is pretty much how phantomjs is run by Arachni.
If you could keep track of how long it takes for running on port 9999 to be printed to the terminal that'd be very helpful as well.
Also, what are the specs of the VM?
mdembree
commented
8 years ago It ended immediately.
$ ./bin/arachni_shell -c 'phantomjs --webdriver=9999'
Fontconfig error: Cannot load default config file
PhantomJS has crashed. Please read the crash reporting guide at https://github.com/ariya/phantomjs/wiki/Crash-Reporting and file a bug report at https://github.com/ariya/phantomjs/issues/new with the crash dump file attached: /tmp/04635b29-2b8a-33cb-1bc9c284-34d5f2ed.dmp
./bin/arachni_shell: line 10: 2908 Segmentation fault (core dumped) bash --noprofile --norc "$@"It is 4 CPU, with 16 GB RAM
What sort of specs are you looking for?
Zapotek
commented
8 years ago Huh, yep, that explains it alright. So, since previous packages were working fine, it must be due to recent updates in the dependencies that are included in the package.
One dependency update happened 23 days ago and another (OpenSSL) 4 days ago, based on your activity I'd say it was the more recent one that affected you.
That still doesn't explain why I can't reproduce this though.
mdembree
commented
8 years ago Just to see what happened, I installed the 2015-12-10 nightly on a Windows 2012R2 VM and ran the same WebUI scan I had been trying on RHEL, it worked on the Windows build.
Zapotek
commented
8 years ago As far as I know the issue only occurs on your system. Windows, OSX and my Kubuntu workstation and CentOS builder boxes all do fine.
I'm downloading CentOS 7 now to see if I can reproduce it.
mdembree
commented
8 years ago If there is anything else you would like me to try to help pinpoint the issue, please let me know.
Zapotek
commented
8 years ago No dice, worked as expected. Can you also try it with debugging enabled please?
./bin/arachni_shell -c 'phantomjs --webdriver=9999 --debug=true'Maybe that'll print something useful before it crashes.
Zapotek
commented
8 years ago I'm just throwing stuff out there, but does the latest stable release work on that machine now? You don't have to run a scan, just the above command.
Maybe something changed on the machine.
mdembree
commented
8 years ago WebUI scans run fine on the current release, just not on the nightly. Following are the results using the current release.
$ cd arachni-1.3.2-0.5.9/
$ ./bin/arachni_shell -c 'phantomjs --webdriver=9999 --debug=true'
Fontconfig error: Cannot load default config file
2015-12-14T11:38:49 [DEBUG] CookieJar - Created but will not store cookies (use option '--cookies-file=<filename>' to enable persisten cookie storage)
2015-12-14T11:38:49 [DEBUG] Phantom - execute: Configuration
2015-12-14T11:38:49 [DEBUG] 0 objectName : ""
2015-12-14T11:38:49 [DEBUG] 1 cookiesFile : ""
2015-12-14T11:38:49 [DEBUG] 2 diskCacheEnabled : "false"
2015-12-14T11:38:49 [DEBUG] 3 maxDiskCacheSize : "-1"
2015-12-14T11:38:49 [DEBUG] 4 ignoreSslErrors : "false"
2015-12-14T11:38:49 [DEBUG] 5 localToRemoteUrlAccessEnabled : "false"
2015-12-14T11:38:49 [DEBUG] 6 outputEncoding : "UTF-8"
2015-12-14T11:38:49 [DEBUG] 7 proxyType : "http"
2015-12-14T11:38:49 [DEBUG] 8 proxy : ":1080"
2015-12-14T11:38:49 [DEBUG] 9 proxyAuth : ":"
2015-12-14T11:38:49 [DEBUG] 10 scriptEncoding : "UTF-8"
2015-12-14T11:38:49 [DEBUG] 11 webSecurityEnabled : "true"
2015-12-14T11:38:49 [DEBUG] 12 offlineStoragePath : ""
2015-12-14T11:38:49 [DEBUG] 13 offlineStorageDefaultQuota : "-1"
2015-12-14T11:38:49 [DEBUG] 14 printDebugMessages : "true"
2015-12-14T11:38:49 [DEBUG] 15 javascriptCanOpenWindows : "true"
2015-12-14T11:38:49 [DEBUG] 16 javascriptCanCloseWindows : "true"
2015-12-14T11:38:49 [DEBUG] 17 sslProtocol : "sslv3"
2015-12-14T11:38:49 [DEBUG] 18 sslCertificatesPath : ""
2015-12-14T11:38:49 [DEBUG] 19 webdriver : ":9999"
2015-12-14T11:38:49 [DEBUG] 20 webdriverLogFile : ""
2015-12-14T11:38:49 [DEBUG] 21 webdriverLogLevel : "INFO"
2015-12-14T11:38:49 [DEBUG] 22 webdriverSeleniumGridHub : ""
2015-12-14T11:38:49 [DEBUG] Phantom - execute: Script & Arguments
2015-12-14T11:38:49 [DEBUG] script: "main.js"
2015-12-14T11:38:49 [DEBUG] 0 arg: "--ip="
2015-12-14T11:38:49 [DEBUG] 1 arg: "--port=9999"
2015-12-14T11:38:49 [DEBUG] 2 arg: "--logLevel=INFO"
2015-12-14T11:38:49 [DEBUG] Phantom - execute: Starting Remote WebDriver mode
PhantomJS is launching GhostDriver...
2015-12-14T11:38:49 [DEBUG] WebPage - setupFrame ""
2015-12-14T11:38:49 [DEBUG] FileSystem - _open: ":/modules/fs.js" QMap(("mode", QVariant(QString, "r") ) )
2015-12-14T11:38:49 [DEBUG] FileSystem - _open: ":/modules/system.js" QMap(("mode", QVariant(QString, "r") ) )
2015-12-14T11:38:49 [DEBUG] FileSystem - _open: ":/modules/webpage.js" QMap(("mode", QVariant(QString, "r") ) )
2015-12-14T11:38:49 [DEBUG] FileSystem - _open: ":/modules/webserver.js" QMap(("mode", QVariant(QString, "r") ) )
2015-12-14T11:38:49 [DEBUG] FileSystem - _open: ":/ghostdriver/./hub_register.js" QMap(("mode", QVariant(QString, "r") ) )
2015-12-14T11:38:49 [DEBUG] FileSystem - _open: ":/ghostdriver/./logger.js" QMap(("mode", QVariant(QString, "r") ) )
2015-12-14T11:38:49 [DEBUG] FileSystem - _open: ":/ghostdriver/./third_party/console++.js" QMap(("mode", QVariant(QString, "r") ) )
2015-12-14T11:38:49 [DEBUG] FileSystem - _open: ":/ghostdriver/./config.js" QMap(("mode", QVariant(QString, "r") ) )
2015-12-14T11:38:49 [DEBUG] FileSystem - _open: ":/ghostdriver/./third_party/parseuri.js" QMap(("mode", QVariant(QString, "r") ) )
2015-12-14T11:38:49 [DEBUG] Phantom - injectJs: "session.js"
2015-12-14T11:38:49 [DEBUG] Phantom - injectJs: prepending ":/ghostdriver/"
2015-12-14T11:38:49 [DEBUG] Phantom - injectJs: "inputs.js"
2015-12-14T11:38:49 [DEBUG] Phantom - injectJs: prepending ":/ghostdriver/"
2015-12-14T11:38:49 [DEBUG] Phantom - injectJs: "request_handlers/request_handler.js"
2015-12-14T11:38:49 [DEBUG] Phantom - injectJs: prepending ":/ghostdriver/"
2015-12-14T11:38:49 [DEBUG] Phantom - injectJs: "request_handlers/status_request_handler.js"
2015-12-14T11:38:49 [DEBUG] Phantom - injectJs: prepending ":/ghostdriver/"
2015-12-14T11:38:49 [DEBUG] FileSystem - _open: ":/ghostdriver/./errors.js" QMap(("mode", QVariant(QString, "r") ) )
2015-12-14T11:38:49 [DEBUG] Phantom - injectJs: "request_handlers/shutdown_request_handler.js"
2015-12-14T11:38:49 [DEBUG] Phantom - injectJs: prepending ":/ghostdriver/"
2015-12-14T11:38:49 [DEBUG] Phantom - injectJs: "request_handlers/session_manager_request_handler.js"
2015-12-14T11:38:49 [DEBUG] Phantom - injectJs: prepending ":/ghostdriver/"
2015-12-14T11:38:49 [DEBUG] Phantom - injectJs: "request_handlers/session_request_handler.js"
2015-12-14T11:38:49 [DEBUG] Phantom - injectJs: prepending ":/ghostdriver/"
2015-12-14T11:38:49 [DEBUG] Phantom - injectJs: "request_handlers/webelement_request_handler.js"
2015-12-14T11:38:49 [DEBUG] Phantom - injectJs: prepending ":/ghostdriver/"
2015-12-14T11:38:49 [DEBUG] Phantom - injectJs: "request_handlers/router_request_handler.js"
2015-12-14T11:38:49 [DEBUG] Phantom - injectJs: prepending ":/ghostdriver/"
2015-12-14T11:38:49 [DEBUG] Phantom - injectJs: "webelementlocator.js"
2015-12-14T11:38:49 [DEBUG] Phantom - injectJs: prepending ":/ghostdriver/"
[INFO - 2015-12-14T15:38:49.544Z] GhostDriver - Main - running on port 9999
^C
$ Following are the results using the most current nightly build on the same RHEL 7.1 VM.
$ cd arachni-2.0dev-1.0dev_20151210/
$ ./bin/arachni_shell -c 'phantomjs --webdriver=9999 --debug=true'
Fontconfig error: Cannot load default config file
PhantomJS has crashed. Please read the crash reporting guide at https://github.com/ariya/phantomjs/wiki/Crash-Reporting and file a bug report at https://github.com/ariya/phantomjs/issues/new with the crash dump file attached: /tmp/52797cd8-4779-7a8d-4a0153ef-1e5e6ef8.dmp
./bin/arachni_shell: line 10: 30838 Segmentation fault (core dumped) bash --noprofile --norc "$@"
$Preparing a nightly with the previous OpenSSL version now.
Zapotek
commented
8 years ago Btw, could you please attach the /tmp/52797cd8-4779-7a8d-4a0153ef-1e5e6ef8.dmp file?
It should contain some pointers.
Zapotek
commented
8 years ago Nightlies are up, give them a try (just running the phantomsj command will suffice).
mdembree
commented
8 years ago I have tried the new nightly, it made no difference.
[arachni-2.0dev-1.0dev_20151214]$ ./bin/arachni_shell -c 'phantomjs --webdriver=9999 --debug=true'
Fontconfig error: Cannot load default config file
PhantomJS has crashed. Please read the crash reporting guide at https://github.com/ariya/phantomjs/wiki/Crash-Reporting and file a bug report at https://github.com/ariya/phantomjs/issues/new with the crash dump file attached: /tmp/447c130e-5f40-0ae5-6b110bbf-6fb91c64.dmp
./bin/arachni_shell: line 10: 31373 Segmentation fault (core dumped) bash --noprofile --norc "$@"
[arachni-2.0dev-1.0dev_20151214]$I'll downgrade freetype and fontconfig, that should do it.
In the meantime, can you please attach /tmp/447c130e-5f40-0ae5-6b110bbf-6fb91c64.dmp to this issue?
mdembree
commented
8 years ago I've had a talk with one of our Linux admins and the verdict is that I can't send you the dmp file. If there is something in particular you are looking for from it, he or I might be able to extract that for you.
mdembree
commented
8 years ago BTW, the following error also occurs with the current release that works, it is shown in a previous comment.
Fontconfig error: Cannot load default config fileYeah that's pretty much irrelevant, don't worry about it. Preparing nightlies now with the other downgraded dependencies.
Zapotek
commented
8 years ago New nightlies are up with fontconfig downgraded to the version used in the last stable package.
If that doesn't work either then I'll downgrade everything.
If that doesn't work still then I'll be very angry.
mdembree
commented
8 years ago The latest nightly appears to be working again on RHEL 7.1. Thanks.
Let me know if you would like me to do further testing.
[arachni-2.0dev-1.0dev_20151215]$ ./bin/arachni_shell -c 'phantomjs --webdriver=9999 --debug=true'
Fontconfig error: Cannot load default config file
2015-12-16T13:04:08 [DEBUG] CookieJar - Created but will not store cookies (use option '--cookies-file=<filename>' to enable persisten cookie storage)
2015-12-16T13:04:08 [DEBUG] Phantom - execute: Configuration
2015-12-16T13:04:08 [DEBUG] 0 objectName : ""
2015-12-16T13:04:08 [DEBUG] 1 cookiesFile : ""
2015-12-16T13:04:08 [DEBUG] 2 diskCacheEnabled : "false"
2015-12-16T13:04:08 [DEBUG] 3 maxDiskCacheSize : "-1"
2015-12-16T13:04:08 [DEBUG] 4 ignoreSslErrors : "false"
2015-12-16T13:04:08 [DEBUG] 5 localToRemoteUrlAccessEnabled : "false"
2015-12-16T13:04:08 [DEBUG] 6 outputEncoding : "UTF-8"
2015-12-16T13:04:08 [DEBUG] 7 proxyType : "http"
2015-12-16T13:04:08 [DEBUG] 8 proxy : ":1080"
2015-12-16T13:04:08 [DEBUG] 9 proxyAuth : ":"
2015-12-16T13:04:08 [DEBUG] 10 scriptEncoding : "UTF-8"
2015-12-16T13:04:08 [DEBUG] 11 webSecurityEnabled : "true"
2015-12-16T13:04:08 [DEBUG] 12 offlineStoragePath : ""
2015-12-16T13:04:08 [DEBUG] 13 offlineStorageDefaultQuota : "-1"
2015-12-16T13:04:08 [DEBUG] 14 printDebugMessages : "true"
2015-12-16T13:04:08 [DEBUG] 15 javascriptCanOpenWindows : "true"
2015-12-16T13:04:08 [DEBUG] 16 javascriptCanCloseWindows : "true"
2015-12-16T13:04:08 [DEBUG] 17 sslProtocol : "sslv3"
2015-12-16T13:04:08 [DEBUG] 18 sslCertificatesPath : ""
2015-12-16T13:04:08 [DEBUG] 19 webdriver : ":9999"
2015-12-16T13:04:08 [DEBUG] 20 webdriverLogFile : ""
2015-12-16T13:04:08 [DEBUG] 21 webdriverLogLevel : "INFO"
2015-12-16T13:04:08 [DEBUG] 22 webdriverSeleniumGridHub : ""
2015-12-16T13:04:08 [DEBUG] Phantom - execute: Script & Arguments
2015-12-16T13:04:08 [DEBUG] script: "main.js"
2015-12-16T13:04:08 [DEBUG] 0 arg: "--ip="
2015-12-16T13:04:08 [DEBUG] 1 arg: "--port=9999"
2015-12-16T13:04:08 [DEBUG] 2 arg: "--logLevel=INFO"
2015-12-16T13:04:08 [DEBUG] Phantom - execute: Starting Remote WebDriver mode
PhantomJS is launching GhostDriver...
2015-12-16T13:04:08 [DEBUG] WebPage - setupFrame ""
2015-12-16T13:04:08 [DEBUG] FileSystem - _open: ":/modules/fs.js" QMap(("mode", QVariant(QString, "r") ) )
2015-12-16T13:04:08 [DEBUG] FileSystem - _open: ":/modules/system.js" QMap(("mode", QVariant(QString, "r") ) )
2015-12-16T13:04:08 [DEBUG] FileSystem - _open: ":/modules/webpage.js" QMap(("mode", QVariant(QString, "r") ) )
2015-12-16T13:04:08 [DEBUG] FileSystem - _open: ":/modules/webserver.js" QMap(("mode", QVariant(QString, "r") ) )
2015-12-16T13:04:08 [DEBUG] FileSystem - _open: ":/ghostdriver/./hub_register.js" QMap(("mode", QVariant(QString, "r") ) )
2015-12-16T13:04:08 [DEBUG] FileSystem - _open: ":/ghostdriver/./logger.js" QMap(("mode", QVariant(QString, "r") ) )
2015-12-16T13:04:08 [DEBUG] FileSystem - _open: ":/ghostdriver/./third_party/console++.js" QMap(("mode", QVariant(QString, "r") ) )
2015-12-16T13:04:08 [DEBUG] FileSystem - _open: ":/ghostdriver/./config.js" QMap(("mode", QVariant(QString, "r") ) )
2015-12-16T13:04:08 [DEBUG] FileSystem - _open: ":/ghostdriver/./third_party/parseuri.js" QMap(("mode", QVariant(QString, "r") ) )
2015-12-16T13:04:08 [DEBUG] Phantom - injectJs: "session.js"
2015-12-16T13:04:08 [DEBUG] Phantom - injectJs: prepending ":/ghostdriver/"
2015-12-16T13:04:08 [DEBUG] Phantom - injectJs: "inputs.js"
2015-12-16T13:04:08 [DEBUG] Phantom - injectJs: prepending ":/ghostdriver/"
2015-12-16T13:04:08 [DEBUG] Phantom - injectJs: "request_handlers/request_handler.js"
2015-12-16T13:04:08 [DEBUG] Phantom - injectJs: prepending ":/ghostdriver/"
2015-12-16T13:04:08 [DEBUG] Phantom - injectJs: "request_handlers/status_request_handler.js"
2015-12-16T13:04:08 [DEBUG] Phantom - injectJs: prepending ":/ghostdriver/"
2015-12-16T13:04:08 [DEBUG] FileSystem - _open: ":/ghostdriver/./errors.js" QMap(("mode", QVariant(QString, "r") ) )
2015-12-16T13:04:08 [DEBUG] Phantom - injectJs: "request_handlers/shutdown_request_handler.js"
2015-12-16T13:04:08 [DEBUG] Phantom - injectJs: prepending ":/ghostdriver/"
2015-12-16T13:04:08 [DEBUG] Phantom - injectJs: "request_handlers/session_manager_request_handler.js"
2015-12-16T13:04:08 [DEBUG] Phantom - injectJs: prepending ":/ghostdriver/"
2015-12-16T13:04:08 [DEBUG] Phantom - injectJs: "request_handlers/session_request_handler.js"
2015-12-16T13:04:08 [DEBUG] Phantom - injectJs: prepending ":/ghostdriver/"
2015-12-16T13:04:08 [DEBUG] Phantom - injectJs: "request_handlers/webelement_request_handler.js"
2015-12-16T13:04:08 [DEBUG] Phantom - injectJs: prepending ":/ghostdriver/"
2015-12-16T13:04:08 [DEBUG] Phantom - injectJs: "request_handlers/router_request_handler.js"
2015-12-16T13:04:08 [DEBUG] Phantom - injectJs: prepending ":/ghostdriver/"
2015-12-16T13:04:08 [DEBUG] Phantom - injectJs: "webelementlocator.js"
2015-12-16T13:04:08 [DEBUG] Phantom - injectJs: prepending ":/ghostdriver/"
[INFO - 2015-12-16T17:04:08.652Z] GhostDriver - Main - running on port 9999
^C
[arachni-2.0dev-1.0dev_20151215]$
Excellent! I really appreciate your patience and help with this.
Cheers
Using the latest (2015-12-09) nightly build, when I run a scan from the GUI, it doesn't do anything and eventually returns the following error. It is configured to use PostgreSQL. If I switch back to the current release, the same scan runs fine.
BTW, the updated GUI works much better behind a HTTPS reverse proxy than the current release, thanks for changing the URLs to absolute paths.