Error 500 after an arachni scan

[adrienrdlc]

I configured as in the documentation for arachni the arachni engine. The engine appears available and functional. Once my scan started no information goes back to patrowl, however the scan is started well because I have on the web server behind a mounted request and the CPU. Once the scan is finished, arachni returns me in the logs just this error.

351717 | ERROR | [EngineTasks/startscan_task/165ca39e-71e5-4811-aef1-5b602183953d] AfterScan - something goes wrong in 'getfindings' call (request_status_code=500). Task aborted. | ERROR | 2020/06/02-12:18:30
351709 | DEBUG | [EngineTasks/startscan_task/165ca39e-71e5-4811-aef1-5b602183953d] AfterScan - findings are now available: http://192.168.185.36:5105/engines/arachni/getfindings/5. | DEBUG | 2020/06/02-12:18:21
351708 | DEBUG | [EngineTasks/startscan_task/165ca39e-71e5-4811-aef1-5b602183953d] AfterScan - scan report is now available: http://192.168.185.36:5105/engines/arachni/getreport/5. | DEBUG | 2020/06/02-12:18:20
350481 | INFO | [EngineTasks/startscan_task/165ca39e-71e5-4811-aef1-5b602183953d] Engine 'Arachni Scanner' has been selected. | INFO | 2020/06/02-11:43:53
350480 | INFO | [EngineTasks/startscan_task/165ca39e-71e5-4811-aef1-5b602183953d] Task started. | INFO | 2020/06/02-11:43:53

Asset configuration :

value : "mywebsite.com" name : "my asset" type : "url" categorie : "all"

Scan configuration :

title : "test" assets : "my asset" engine : "arachni" policy : "arachni default policy" engine : "arachni scanner"

[rzwolf]

Hi @adrienrdlc I'm facing a similar issue but with 200 status

when try to scan with arachni engine. It seems that the problem is with the arachni API

I would like to know if any one else has this problem

[MaKyOtOx]

Hi, Could you please check the arachni web server is correctly started ? When the engine starts, check if something is responding on http://localhost:7331

More logs ? add logging.basicConfig(level=logging.DEBUG) at the beginning of the 'engine-arachni.py' file

[rzwolf]

Hi @MaKyOtOx

I was trying to start the arachni engine but I have problems when I start it by script like python3 engine-arachni.py The engine is never ready in the PatrOwl web but when I check the log with the debug "logging.basicConfig (level = logging.DEBUG ) "that I put inside the file engine-arachni.py and I get this information:

INFO:engine-arachni: Arachni REST API server successfully started on http://0.0.0.0:7331/ INFO:werkzeug: Running on http://0.0.0.0:5005/ (Press CTRL+C to quit) DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): 0.0.0.0:7331 INFO:werkzeug:172.20.0.4 - - [25/Jun/2020 17:17:56] "GET /engines/arachni/status HTTP/1.1" 200 - DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): 0.0.0.0:7331 INFO:werkzeug:172.20.0.4 - - [25/Jun/2020 17:17:56] "GET /engines/arachni/status HTTP/1.1" 200 - DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): 0.0.0.0:7331 INFO:werkzeug:172.20.0.4 - - [25/Jun/2020 17:17:57] "GET /engines/arachni/status HTTP/1.1" 200 - DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): 0.0.0.0:7331 INFO:werkzeug:172.20.0.4 - - [25/Jun/2020 17:17:57] "GET /engines/arachni/status HTTP/1.1" 200 - DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): 0.0.0.0:7331 INFO:werkzeug:172.20.0.4 - - [25/Jun/2020 17:17:58] "GET /engines/arachni/status HTTP/1.1" 200 - DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): 0.0.0.0:7331 INFO:werkzeug:172.20.0.4 - - [25/Jun/2020 17:17:58] "GET /engines/arachni/status HTTP/1.1" 200 - DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): 0.0.0.0:7331 INFO:werkzeug:172.20.0.4 - - [25/Jun/2020 17:17:59] "GET /engines/arachni/status HTTP/1.1" 200 -

and nothing more...

the only way to start the engine and get it ready on the patrOwl web is with a docker container.

When I try to reach http://localhost:7331 even when engine is ready I can't reached it