Arachni / arachni

Web Application Security Scanner Framework
http://www.arachni-scanner.com

EOFError: End of File Reached scanning a particular website. #930

Open mgoins01 opened 6 years ago

mgoins01 commented 6 years ago

Great work on Arachni - just recently became aware of it & have been testing to eventually incorporate it into our cybersec/vulnerability program. Am seeing EOFErrors when running Arachni against one of our main company websites & have been unable to figure out what's going on. The log that follows was run as a single instance DIRECT scan, with a 2-hour timeout. The Arachni environment is running in AWS, with a grid of 3 machines. The security group is set for wide open outbound, and ssh/http open from mgmt machines, and all traffic open between Arachni machines. Am running t2.medium machines - Amazon Linux - 2CPUx4GB memory w/50 GB disk. PostgreSQL database is configured.

2017-11-13 16:24:39 -0500 --------------------------------------------------------------------------------
ENV:
---
CPLUS_INCLUDE_PATH: "/home/ec2-user/arachni-1.5.1-0.5.12/bin/../system/usr/include"
LESS_TERMCAP_mb: "\e[01;31m"
HOSTNAME: ip-10-1-0-152
LESS_TERMCAP_md: "\e[01;38;5;208m"
GEM_HOME: "/home/ec2-user/arachni-1.5.1-0.5.12/system/gems"
LESS_TERMCAP_me: "\e[0m"
SHELL: "/bin/bash"
TERM: xterm
HISTSIZE: '1000'
IRBRC: "/home/ec2-user/arachni-1.5.1-0.5.12/bin/../system/usr/lib/ruby/.irbrc"
EC2_AMITOOL_HOME: "/opt/aws/amitools/ec2"
LIBRARY_PATH: "/home/ec2-user/arachni-1.5.1-0.5.12/bin/../system/usr/lib:/usr/lib:/usr/local/lib"
MY_RUBY_HOME: "/home/ec2-user/arachni-1.5.1-0.5.12/bin/../system/usr/lib/ruby"
LESS_TERMCAP_ue: "\e[0m"
USER: root
LD_LIBRARY_PATH: "/home/ec2-user/arachni-1.5.1-0.5.12/bin/../system/usr/lib:/usr/lib:/usr/local/lib"
SUDO_USER: ec2-user
EC2_HOME: "/opt/aws/apitools/ec2"
SUDO_UID: '500'
USERNAME: root
LESS_TERMCAP_us: "\e[04;38;5;111m"
FONTCONFIG_PATH: "/home/ec2-user/arachni-1.5.1-0.5.12/bin/../system/home/arachni/.fonts"
PATH: "/home/ec2-user/arachni-1.5.1-0.5.12/system/gems/bin:/home/ec2-user/arachni-1.5.1-0.5.12/bin/../system/../bin:/home/ec2-user/arachni-1.5.1-0.5.12/bin/../system/usr/bin:/home/ec2-user/arachni-1.5.1-0.5.12/bin/../system/gems/bin:/sbin:/bin:/usr/sbin:/usr/bin:/opt/aws/bin:/home/ec2-user/arachni-1.5.1-0.5.12/bin"
MAIL: "/var/spool/mail/ec2-user"
C_INCLUDE_PATH: "/home/ec2-user/arachni-1.5.1-0.5.12/bin/../system/usr/include"
PWD: "/root/arachni"
JAVA_HOME: "/usr/lib/jvm/jre"
ARACHNI_WEBUI_LOGDIR: "/home/ec2-user/arachni-1.5.1-0.5.12/bin/../system/logs/webui"
AWS_CLOUDWATCH_HOME: "/opt/aws/apitools/mon"
LANG: en_US.UTF-8
ARACHNI_FRAMEWORK_LOGDIR: "/home/ec2-user/arachni-1.5.1-0.5.12/bin/../system/logs/framework"
SHLVL: '2'
SUDO_COMMAND: "/bin/su"
HOME: "/home/ec2-user/arachni-1.5.1-0.5.12/bin/../system/home/arachni"
RAILS_ENV: production
AWS_PATH: "/opt/aws"
AWS_AUTO_SCALING_HOME: "/opt/aws/apitools/as"
LOGNAME: root
GEM_PATH: "/home/ec2-user/arachni-1.5.1-0.5.12/bin/../system/gems"
AWS_ELB_HOME: "/opt/aws/apitools/elb"
LESSOPEN: "||/usr/bin/lesspipe.sh %s"
SUDO_GID: '500'
RUBYLIB: "/home/ec2-user/arachni-1.5.1-0.5.12/system/gems/gems/bundler-1.14.6/lib:/home/ec2-user/arachni-1.5.1-0.5.12/bin/../system/usr/lib/ruby:/home/ec2-user/arachni-1.5.1-0.5.12/bin/../system/usr/lib/ruby/site_ruby/2.2.0:/home/ec2-user/arachni-1.5.1-0.5.12/bin/../system/usr/lib/ruby/2.2.0:/home/ec2-user/arachni-1.5.1-0.5.12/bin/../system/usr/lib/ruby/2.2.0/x86_64-linux:/home/ec2-user/arachni-1.5.1-0.5.12/bin/../system/usr/lib/ruby/site_ruby/2.2.0/x86_64-linux"
RUBY_VERSION: ruby-2.2.3
LESS_TERMCAP_se: "\e[0m"
BUNDLE_GEMFILE: "/home/ec2-user/arachni-1.5.1-0.5.12/system/arachni-ui-web/Gemfile"
BUNDLER_ORIG_PATH: "/home/ec2-user/arachni-1.5.1-0.5.12/bin/../system/../bin:/home/ec2-user/arachni-1.5.1-0.5.12/bin/../system/usr/bin:/home/ec2-user/arachni-1.5.1-0.5.12/bin/../system/gems/bin:/sbin:/bin:/usr/sbin:/usr/bin:/opt/aws/bin:/home/ec2-user/arachni-1.5.1-0.5.12/bin"
BUNDLER_ORIG_GEM_PATH: "/home/ec2-user/arachni-1.5.1-0.5.12/bin/../system/gems"
BUNDLE_BIN_PATH: "/home/ec2-user/arachni-1.5.1-0.5.12/system/gems/gems/bundler-1.14.6/exe/bundle"
BUNDLER_VERSION: 1.14.6
RUBYOPT: "-rbundler/setup"
MANPATH: "/home/ec2-user/arachni-1.5.1-0.5.12/system/gems/gems/kramdown-1.4.1/man"
--------------------------------------------------------------------------------
OPTIONS:
---
browser_cluster:
  local_storage: {}
  wait_for_elements: {}
  pool_size: 10
  job_timeout: 10
  worker_time_to_live: 100
  ignore_images: true
  screen_width: 1600
  screen_height: 1200
session: {}
input:
  values: {}
  default_values:
    name: arachni_name
    user: arachni_user
    usr: arachni_user
    pass: 5543!%arachni_secret
    txt: arachni_text
    num: '132'
    amount: '100'
    mail: arachni@email.gr
    account: '12'
    id: '1'
  without_defaults: false
  force: false
http:
  user_agent: Arachni/v1.5.1
  request_timeout: 10000
  request_redirect_limit: 5
  request_concurrency: 20
  request_queue_size: 100
  request_headers: {}
  response_max_size: 500000
  cookies: {}
  authentication_type: auto
audit:
  parameter_values: true
  exclude_vector_patterns: []
  include_vector_patterns: []
  link_templates: []
  links: true
  forms: true
  cookies: true
  ui_inputs: true
  ui_forms: true
  jsons: true
  xmls: true
datastore:
  report_path: "/root/arachni/reports"
scope:
  redundant_path_patterns: {}
  dom_depth_limit: 5
  exclude_file_extensions: []
  exclude_path_patterns: []
  exclude_content_patterns: []
  include_path_patterns: []
  restrict_paths: []
  extend_paths: []
  url_rewrites: {}
  auto_redundant_paths: 2
  exclude_binaries: true
checks:
- file_inclusion
- xss_script_context
- xss
- xss_path
- os_cmd_injection
- sql_injection_differential
- trainer
- csrf
- xss_tag
- source_code_disclosure
- xss_dom_script_context
- unvalidated_redirect
- xss_dom
- code_injection
- xpath_injection
- rfi
- sql_injection
- path_traversal
- xss_event
- unvalidated_redirect_dom
- sql_injection_timing
- no_sql_injection_differential
- session_fixation
- os_cmd_injection_timing
- code_injection_php_input_wrapper
- xxe
- code_injection_timing
- response_splitting
- ldap_injection
- no_sql_injection
- http_put
- insecure_cross_domain_policy_headers
- htaccess_limit
- backdoors
- webdav
- mixed_resource
- unencrypted_password_forms
- private_ip
- cookie_set_for_parent_domain
- html_objects
- form_upload
- http_only_cookies
- insecure_cookies
- x_frame_options
- password_autocomplete
- ssn
- captcha
- hsts
- emails
- credit_card
- insecure_cors_policy
- cvs_svn_users
- directory_listing
- insecure_client_access_policy
- localstart_asp
- insecure_cross_domain_policy_access
- origin_spoof_access_restriction_bypass
- interesting_responses
- allowed_methods
- xst
platforms: []
plugins: {}
no_fingerprinting: false
authorized_by:
url: http://www.[redacted].com/
--------------------------------------------------------------------------------
[2017-11-13 16:24:39 -0500] Worker: [browser_cluster/worker#run_job:121] Error while processing job: #<Arachni::BrowserCluster::Jobs::BrowserProvider:70246190943760 callback= time= timed_out=false>
[2017-11-13 16:24:39 -0500] Worker: [browser_cluster/worker#run_job:122] [EOFError] end of file reached
[2017-11-13 16:24:39 -0500] Worker: [browser_cluster/worker#run_job:122] /home/ec2-user/arachni-1.5.1-0.5.12/system/usr/lib/ruby/2.2.0/net/protocol.rb:153:in `read_nonblock'
[2017-11-13 16:24:39 -0500] Worker: [browser_cluster/worker#run_job:122] /home/ec2-user/arachni-1.5.1-0.5.12/system/usr/lib/ruby/2.2.0/net/protocol.rb:153:in `rbuf_fill'
[2017-11-13 16:24:39 -0500] Worker: [browser_cluster/worker#run_job:122] /home/ec2-user/arachni-1.5.1-0.5.12/system/usr/lib/ruby/2.2.0/net/protocol.rb:134:in `readuntil'
[2017-11-13 16:24:39 -0500] Worker: [browser_cluster/worker#run_job:122] /home/ec2-user/arachni-1.5.1-0.5.12/system/usr/lib/ruby/2.2.0/net/protocol.rb:144:in `readline'
[2017-11-13 16:24:39 -0500] Worker: [browser_cluster/worker#run_job:122] /home/ec2-user/arachni-1.5.1-0.5.12/system/usr/lib/ruby/2.2.0/net/http/response.rb:39:in `read_status_line'
[2017-11-13 16:24:39 -0500] Worker: [browser_cluster/worker#run_job:122] /home/ec2-user/arachni-1.5.1-0.5.12/system/usr/lib/ruby/2.2.0/net/http/response.rb:28:in `read_new'
[2017-11-13 16:24:39 -0500] Worker: [browser_cluster/worker#run_job:122] /home/ec2-user/arachni-1.5.1-0.5.12/system/usr/lib/ruby/2.2.0/net/http.rb:1414:in `block in transport_request'
[2017-11-13 16:24:39 -0500] Worker: [browser_cluster/worker#run_job:122] /home/ec2-user/arachni-1.5.1-0.5.12/system/usr/lib/ruby/2.2.0/net/http.rb:1411:in `catch'
[2017-11-13 16:24:39 -0500] Worker: [browser_cluster/worker#run_job:122] /home/ec2-user/arachni-1.5.1-0.5.12/system/usr/lib/ruby/2.2.0/net/http.rb:1411:in `transport_request'
[2017-11-13 16:24:39 -0500] Worker: [browser_cluster/worker#run_job:122] /home/ec2-user/arachni-1.5.1-0.5.12/system/usr/lib/ruby/2.2.0/net/http.rb:1384:in `request'
[2017-11-13 16:24:39 -0500] Worker: [browser_cluster/worker#run_job:122] /home/ec2-user/arachni-1.5.1-0.5.12/system/usr/lib/ruby/2.2.0/net/http.rb:1377:in `block in request'
[2017-11-13 16:24:39 -0500] Worker: [browser_cluster/worker#run_job:122] /home/ec2-user/arachni-1.5.1-0.5.12/system/usr/lib/ruby/2.2.0/net/http.rb:853:in `start'
[2017-11-13 16:24:39 -0500] Worker: [browser_cluster/worker#run_job:122] /home/ec2-user/arachni-1.5.1-0.5.12/system/usr/lib/ruby/2.2.0/net/http.rb:1375:in `request'
[2017-11-13 16:24:39 -0500] Worker: [browser_cluster/worker#run_job:122] /home/ec2-user/arachni-1.5.1-0.5.12/system/gems/gems/selenium-webdriver-3.0.1/lib/selenium/webdriver/remote/http/default.rb:103:in `response_for'
[2017-11-13 16:24:39 -0500] Worker: [browser_cluster/worker#run_job:122] /home/ec2-user/arachni-1.5.1-0.5.12/system/gems/gems/selenium-webdriver-3.0.1/lib/selenium/webdriver/remote/http/default.rb:57:in `request'
[2017-11-13 16:24:39 -0500] Worker: [browser_cluster/worker#run_job:122] /home/ec2-user/arachni-1.5.1-0.5.12/system/gems/gems/selenium-webdriver-3.0.1/lib/selenium/webdriver/remote/http/common.rb:59:in `call'
[2017-11-13 16:24:39 -0500] Worker: [browser_cluster/worker#run_job:122] /home/ec2-user/arachni-1.5.1-0.5.12/system/gems/gems/selenium-webdriver-3.0.1/lib/selenium/webdriver/remote/bridge.rb:653:in `raw_execute'
[2017-11-13 16:24:39 -0500] Worker: [browser_cluster/worker#run_job:122] /home/ec2-user/arachni-1.5.1-0.5.12/system/gems/gems/selenium-webdriver-3.0.1/lib/selenium/webdriver/remote/bridge.rb:631:in `execute'
[2017-11-13 16:24:39 -0500] Worker: [browser_cluster/worker#run_job:122] /home/ec2-user/arachni-1.5.1-0.5.12/system/gems/gems/selenium-webdriver-3.0.1/lib/selenium/webdriver/remote/bridge.rb:136:in `get'
[2017-11-13 16:24:39 -0500] Worker: [browser_cluster/worker#run_job:122] /home/ec2-user/arachni-1.5.1-0.5.12/system/gems/gems/selenium-webdriver-3.0.1/lib/selenium/webdriver/common/navigation.rb:32:in `to'
[2017-11-13 16:24:39 -0500] Worker: [browser_cluster/worker#run_job:122] /home/ec2-user/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/browser.rb:334:in `block in goto'
[2017-11-13 16:24:39 -0500] Worker: [browser_cluster/worker#run_job:122] /home/ec2-user/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/page/dom/transition.rb:151:in `call'
[2017-11-13 16:24:39 -0500] Worker: [browser_cluster/worker#run_job:122] /home/ec2-user/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/page/dom/transition.rb:151:in `start'
[2017-11-13 16:24:39 -0500] Worker: [browser_cluster/worker#run_job:122] /home/ec2-user/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/page/dom/transition.rb:106:in `initialize'
[2017-11-13 16:24:39 -0500] Worker: [browser_cluster/worker#run_job:122] /home/ec2-user/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/browser.rb:329:in `new'
[2017-11-13 16:24:39 -0500] Worker: [browser_cluster/worker#run_job:122] /home/ec2-user/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/browser.rb:329:in `goto'
[2017-11-13 16:24:39 -0500] Worker: [browser_cluster/worker#run_job:122] /home/ec2-user/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/page/dom.rb:146:in `restore'
[2017-11-13 16:24:39 -0500] Worker: [browser_cluster/worker#run_job:122] /home/ec2-user/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/browser.rb:266:in `load'
[2017-11-13 16:24:39 -0500] Worker: [browser_cluster/worker#run_job:122] /home/ec2-user/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/browser.rb:259:in `load'
[2017-11-13 16:24:39 -0500] Worker: [browser_cluster/worker#run_job:122] /home/ec2-user/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/element/dom/capabilities/submittable.rb:53:in `prepare_browser'
[2017-11-13 16:24:39 -0500] Worker: [browser_cluster/worker#run_job:122] /home/ec2-user/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/element/dom/capabilities/auditable.rb:46:in `audit_handle_submit'
[2017-11-13 16:24:39 -0500] Worker: [browser_cluster/worker#run_job:122] /home/ec2-user/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/browser_cluster/jobs/browser_provider.rb:26:in `call'
[2017-11-13 16:24:39 -0500] Worker: [browser_cluster/worker#run_job:122] /home/ec2-user/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/browser_cluster/jobs/browser_provider.rb:26:in `run'
[2017-11-13 16:24:39 -0500] Worker: [browser_cluster/worker#run_job:122] /home/ec2-user/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/browser_cluster/job.rb:109:in `configure_and_run'
[2017-11-13 16:24:39 -0500] Worker: [browser_cluster/worker#run_job:122] /home/ec2-user/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/browser_cluster/worker.rb:80:in `run_job'
[2017-11-13 16:24:39 -0500] Worker: [browser_cluster/worker#run_job:122] /home/ec2-user/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/browser_cluster/worker.rb:244:in `block in start'
[2017-11-13 16:24:48 -0500] Worker: [browser_cluster/worker#run_job:121] Error while processing job: #<Arachni::BrowserCluster::Jobs::BrowserProvider:70245712068540 callback= time= timed_out=false>
[2017-11-13 16:24:48 -0500] Worker: [browser_cluster/worker#run_job:122] [Errno::ECONNREFUSED] Connection refused - connect(2) for "127.0.0.1" port 28609
[2017-11-13 16:24:48 -0500] Worker: [browser_cluster/worker#run_job:122] /home/ec2-user/arachni-1.5.1-0.5.12/system/usr/lib/ruby/2.2.0/net/http.rb:879:in `initialize'
[2017-11-13 16:24:48 -0500] Worker: [browser_cluster/worker#run_job:122] /home/ec2-user/arachni-1.5.1-0.5.12/system/usr/lib/ruby/2.2.0/net/http.rb:879:in `open'
[2017-11-13 16:24:48 -0500] Worker: [browser_cluster/worker#run_job:122] /home/ec2-user/arachni-1.5.1-0.5.12/system/usr/lib/ruby/2.2.0/net/http.rb:879:in `block in connect'
[2017-11-13 16:24:48 -0500] Worker: [browser_cluster/worker#run_job:122] /home/ec2-user/arachni-1.5.1-0.5.12/system/usr/lib/ruby/2.2.0/timeout.rb:88:in `block in timeout'
[2017-11-13 16:24:48 -0500] Worker: [browser_cluster/worker#run_job:122] /home/ec2-user/arachni-1.5.1-0.5.12/system/usr/lib/ruby/2.2.0/timeout.rb:98:in `call'
[2017-11-13 16:24:48 -0500] Worker: [browser_cluster/worker#run_job:122] /home/ec2-user/arachni-1.5.1-0.5.12/system/usr/lib/ruby/2.2.0/timeout.rb:98:in `timeout'
[2017-11-13 16:24:48 -0500] Worker: [browser_cluster/worker#run_job:122] /home/ec2-user/arachni-1.5.1-0.5.12/system/usr/lib/ruby/2.2.0/net/http.rb:878:in `connect'

mgoins01 commented 6 years ago

Think I may have found the source of the EOFErrors. Saw this forum post on BountySource: https://www.bountysource.com/issues/43351676-question-disk-full-100gb-how-to-adjust-scan that mentions issues w/ EOFErrors, and large numbers of Arachni_Support_DatabaseQueue* files in /tmp. I, too, had over 17000 files in /tmp ranging in size between 100MB & 625MB...

In the forum post, it was mentioned that 2 settings may be playing a role: --scope-dom-event-limit and --scope-dom-event-inheritance-limit

With this in mind, I ran a series of tests against the failing website, all with 30-minute timeouts, with the only change being --scope-dom-event-limit set to 10, then 50, then 100, then 1000. All with no EOFError or memory allocation errors.

Last test was with --scope-dom-event-limit 1000, with an 8-hour timebomb - am happy to report - no errors!

Am not sure what a reasonable limit would be, but 1000 seems to work in this case.

Am running the latest code:

Couple questions?

Thanks for the great work! Can't wait to get this running in production, against our entire external web footprint.

Zapotek commented 6 years ago

1. Is that option missing? That's my bad, I'll add it.
2. It's currently only in the nightlies' CLI as it needs some more testing.

As for reasonable limits, that's basically up to each webapp.

wanhl1990 commented 6 years ago

I found Arachni_Support_DatabaseQueue[pid][*][1-121] files in /tmp too. But it doesn't work with the --scope-dom-event-limit setting. I found that when the target server is unconnected, it will produce the Arachni_Support_DatabaseQueue* files. I use the arachni_rest_server for testing. :)

Zapotek commented 6 years ago

Some will be produced but most are pages to be audited and browser jobs to be performed. Scope limiting options will naturally result in less workload and in less of these files being created.
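
An added example, not part of the thread and not Arachni code: a shell check for the `Arachni_Support_DatabaseQueue*` spill files in /tmp discussed above, reporting their count and total size and flagging when either passes a limit. The function names and the thresholds passed to them are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example: watch the scanner's queue spill files so a runaway scan is
# noticed before the disk fills. Pattern taken from the file names in the thread.
PATTERN='Arachni_Support_DatabaseQueue*'

# Print "<file_count> <total_bytes>" for spill files directly inside $1.
# wc -c reports each file's size; the "total" summary lines it emits per
# batch are skipped so nothing is counted twice.
spill_stats() {
    find "$1" -maxdepth 1 -type f -name "$PATTERN" -exec wc -c {} + 2>/dev/null |
        awk '!(NF == 2 && $2 == "total") { n++; b += $1 }
             END { printf "%d %.0f\n", n, b }'
}

# $1 = directory, $2 = max file count, $3 = max total bytes
# (both limits are hypothetical; pick them from the free space you can spare).
# Prints one status line; returns 0 when within both limits, 1 otherwise.
spill_check() {
    stats=$(spill_stats "$1")
    count=${stats% *}
    bytes=${stats#* }
    if [ "$count" -gt "$2" ] || [ "$bytes" -gt "$3" ]; then
        echo "ALERT dir=$1 files=$count bytes=$bytes"
        return 1
    fi
    echo "OK dir=$1 files=$count bytes=$bytes"
}

# Stand-alone use, e.g. from cron: ./spill_check.sh /tmp 1000 21474836480
if [ $# -ge 3 ]; then
    spill_check "$1" "$2" "$3"
fi
```

Run it on the scan host at an interval shorter than the time the scan needs to fill the volume; a non-zero exit is the signal to stop the scan or tighten the scope limits.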