Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Arachni 1.5.1-0.5.12 hangs on starting a scan #1018

Open
checkleettime opened this issue Nov 12, 2018 · 1 comment
Open

Arachni 1.5.1-0.5.12 hangs on starting a scan #1018

checkleettime opened this issue Nov 12, 2018 · 1 comment

Comments

@checkleettime
Copy link

[Debug Output] - It takes damn long before it throws that error and crash
./arachni-1.5.1-0.5.12/bin/arachni http://leettime.net --timeout 06:00:00 --checks=*,-session_fixation,-xxe,-ldap_injection,-xpath_injection,-csrf,-interesting_responses,-insecure_cors_policy,-hsts,-captcha,-password_autocomplete --output-only-positives --browser-cluster-ignore-images --scope-auto-redundant=2 --http-response-max-size=250000 --scope-directory-depth-limit=4 --output-debug

Arachni - Web Application Security Scanner Framework v1.5.1
   Author: Tasos "Zapotek" Laskos <tasos.laskos@arachni-scanner.com>

           (With the support of the community and the Arachni Team.)

   Website:       http://arachni-scanner.com
   Documentation: http://arachni-scanner.com/wiki


 [2018-11-12 14:19:02 +0530 - 0.0] [!] [browser#spawn_phantomjs:1227] Worker: Spawning PhantomJS...
 [2018-11-12 14:19:02 +0530 - 0.0] [!] [browser#start_proxy:1318] Worker: Booting up...
 [2018-11-12 14:20:02 +0530 - 60.1] [!] [browser#spawn_phantomjs:1285] Worker: Spawn timed-out.
 [2018-11-12 14:20:02 +0530 - 0.0] [!] [browser_cluster/worker#shutdown:162] Worker: Shutting down (wait: true) ...
 [2018-11-12 14:20:02 +0530 - 0.0] [!] [browser#shutdown:378] Worker: Shutting down...
 [2018-11-12 14:20:02 +0530 - 0.1] [!] [browser#shutdown:401] Worker: ...shutdown complete.
 [2018-11-12 14:20:02 +0530 - 0.0] [!] [browser_cluster/worker#shutdown:195] Worker: ...shutdown complete.
 [2018-11-12 14:20:02 +0530 - 0.0] [!] [browser#start_proxy:1318] Worker: Booting up...
 [2018-11-12 14:21:02 +0530 - 60.1] [!] [browser#spawn_phantomjs:1285] Worker: Spawn timed-out.
 [2018-11-12 14:21:02 +0530 - 0.0] [!] [browser#start_proxy:1318] Worker: Booting up...
 [2018-11-12 14:22:03 +0530 - 60.1] [!] [browser#spawn_phantomjs:1285] Worker: Spawn timed-out.
 [2018-11-12 14:22:03 +0530 - 0.0] [!] [browser#start_proxy:1318] Worker: Booting up...
 [2018-11-12 14:23:03 +0530 - 60.1] [!] [browser#spawn_phantomjs:1285] Worker: Spawn timed-out.
 [2018-11-12 14:23:03 +0530 - 0.0] [!] [browser#start_proxy:1318] Worker: Booting up...
 [2018-11-12 14:24:03 +0530 - 60.1] [!] [browser#spawn_phantomjs:1285] Worker: Spawn timed-out.
 [2018-11-12 14:24:03 +0530 - 0.0] [!] [browser#start_proxy:1318] Worker: Booting up...
 [2018-11-12 14:25:03 +0530 - 60.1] [!] [browser#spawn_phantomjs:1285] Worker: Spawn timed-out.
 [2018-11-12 14:25:03 +0530 - 0.0] [!] [browser#start_proxy:1318] Worker: Booting up...
 [2018-11-12 14:26:03 +0530 - 60.1] [!] [browser#spawn_phantomjs:1285] Worker: Spawn timed-out.
 [2018-11-12 14:26:03 +0530 - 0.0] [!] [browser#start_proxy:1318] Worker: Booting up...
 [2018-11-12 14:27:03 +0530 - 60.1] [!] [browser#spawn_phantomjs:1285] Worker: Spawn timed-out.
 [2018-11-12 14:27:03 +0530 - 0.0] [!] [browser#start_proxy:1318] Worker: Booting up...
 [2018-11-12 14:28:03 +0530 - 60.1] [!] [browser#spawn_phantomjs:1285] Worker: Spawn timed-out.
 [2018-11-12 14:28:03 +0530 - 0.0] [!] [browser#start_proxy:1318] Worker: Booting up...
 [2018-11-12 14:29:03 +0530 - 60.1] [!] [browser#spawn_phantomjs:1285] Worker: Spawn timed-out.
 [-] [utilities#exception_jail:428] [Errno::ECONNREFUSED] Connection refused - connect(2) for "127.0.0.1" port 40918
 [-] [utilities#exception_jail:428] /root/tools/arachni-1.5.1-0.5.12/system/usr/lib/ruby/2.2.0/net/http.rb:879:in `initialize'
 [-] [utilities#exception_jail:428] /root/tools/arachni-1.5.1-0.5.12/system/usr/lib/ruby/2.2.0/net/http.rb:879:in `open'
 [-] [utilities#exception_jail:428] /root/tools/arachni-1.5.1-0.5.12/system/usr/lib/ruby/2.2.0/net/http.rb:879:in `block in connect'
 [-] [utilities#exception_jail:428] /root/tools/arachni-1.5.1-0.5.12/system/usr/lib/ruby/2.2.0/timeout.rb:88:in `block in timeout'
 [-] [utilities#exception_jail:428] /root/tools/arachni-1.5.1-0.5.12/system/usr/lib/ruby/2.2.0/timeout.rb:98:in `call'
 [-] [utilities#exception_jail:428] /root/tools/arachni-1.5.1-0.5.12/system/usr/lib/ruby/2.2.0/timeout.rb:98:in `timeout'
 [-] [utilities#exception_jail:428] /root/tools/arachni-1.5.1-0.5.12/system/usr/lib/ruby/2.2.0/net/http.rb:878:in `connect'
 [-] [utilities#exception_jail:428] /root/tools/arachni-1.5.1-0.5.12/system/usr/lib/ruby/2.2.0/net/http.rb:863:in `do_start'
 [-] [utilities#exception_jail:428] /root/tools/arachni-1.5.1-0.5.12/system/usr/lib/ruby/2.2.0/net/http.rb:852:in `start'
 [-] [utilities#exception_jail:428] /root/tools/arachni-1.5.1-0.5.12/system/usr/lib/ruby/2.2.0/net/http.rb:1375:in `request'
 [-] [utilities#exception_jail:428] /root/tools/arachni-1.5.1-0.5.12/system/gems/gems/selenium-webdriver-3.0.1/lib/selenium/webdriver/remote/http/default.rb:103:in `response_for'
 [-] [utilities#exception_jail:428] /root/tools/arachni-1.5.1-0.5.12/system/gems/gems/selenium-webdriver-3.0.1/lib/selenium/webdriver/remote/http/default.rb:57:in `request'
 [-] [utilities#exception_jail:428] /root/tools/arachni-1.5.1-0.5.12/system/gems/gems/selenium-webdriver-3.0.1/lib/selenium/webdriver/remote/http/common.rb:59:in `call'
 [-] [utilities#exception_jail:428] /root/tools/arachni-1.5.1-0.5.12/system/gems/gems/selenium-webdriver-3.0.1/lib/selenium/webdriver/remote/bridge.rb:653:in `raw_execute'
 [-] [utilities#exception_jail:428] /root/tools/arachni-1.5.1-0.5.12/system/gems/gems/selenium-webdriver-3.0.1/lib/selenium/webdriver/remote/bridge.rb:124:in `create_session'
 [-] [utilities#exception_jail:428] /root/tools/arachni-1.5.1-0.5.12/system/gems/gems/selenium-webdriver-3.0.1/lib/selenium/webdriver/remote/bridge.rb:88:in `initialize'
 [-] [utilities#exception_jail:428] /root/tools/arachni-1.5.1-0.5.12/system/gems/gems/selenium-webdriver-3.0.1/lib/selenium/webdriver/common/driver.rb:57:in `new'
 [-] [utilities#exception_jail:428] /root/tools/arachni-1.5.1-0.5.12/system/gems/gems/selenium-webdriver-3.0.1/lib/selenium/webdriver/common/driver.rb:57:in `for'
 [-] [utilities#exception_jail:428] /root/tools/arachni-1.5.1-0.5.12/system/gems/gems/selenium-webdriver-3.0.1/lib/selenium/webdriver.rb:82:in `for'
 [-] [utilities#exception_jail:428] /root/tools/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/browser.rb:1109:in `selenium'
 [-] [utilities#exception_jail:428] /root/tools/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/browser.rb:1337:in `start_webdriver'
 [-] [utilities#exception_jail:428] /root/tools/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/browser.rb:187:in `initialize'
 [-] [utilities#exception_jail:428] /root/tools/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/browser_cluster/worker.rb:51:in `initialize'
 [-] [utilities#exception_jail:428] /root/tools/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/browser_cluster.rb:495:in `new'
 [-] [utilities#exception_jail:428] /root/tools/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/browser_cluster.rb:495:in `block in initialize_workers'
 [-] [utilities#exception_jail:428] /root/tools/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/browser_cluster.rb:494:in `times'
 [-] [utilities#exception_jail:428] /root/tools/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/browser_cluster.rb:494:in `initialize_workers'
 [-] [utilities#exception_jail:428] /root/tools/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/browser_cluster.rb:112:in `initialize'
 [-] [utilities#exception_jail:428] /root/tools/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/framework/parts/browser.rb:33:in `new'
 [-] [utilities#exception_jail:428] /root/tools/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/framework/parts/browser.rb:33:in `block in browser_cluster'
 [-] [utilities#exception_jail:428] /root/tools/arachni-1.5.1-0.5.12/system/usr/lib/ruby/2.2.0/monitor.rb:211:in `mon_synchronize'
 [-] [utilities#exception_jail:428] /root/tools/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/framework/parts/browser.rb:28:in `browser_cluster'
 [-] [utilities#exception_jail:428] /root/tools/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/framework/parts/audit.rb:173:in `audit'
 [-] [utilities#exception_jail:428] /root/tools/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/framework.rb:117:in `block in run'
 [-] [utilities#exception_jail:428] /root/tools/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/utilities.rb:425:in `call'
 [-] [utilities#exception_jail:428] /root/tools/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/utilities.rb:425:in `exception_jail'
 [-] [utilities#exception_jail:428] /root/tools/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/framework.rb:117:in `run'
 [-] [utilities#exception_jail:428] /root/tools/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/ui/cli/framework.rb:80:in `block in run'
 [-] [utilities#exception_jail:429] 
 [-] [utilities#exception_jail:430] Parent:
 [-] [utilities#exception_jail:431] Arachni::Framework
 [-] [utilities#exception_jail:432] 
 [-] [utilities#exception_jail:433] Block:
 [-] [utilities#exception_jail:434] #<Proc:0x0000000587f5f0@/root/tools/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/framework.rb:117>
 [-] [utilities#exception_jail:435] 
 [-] [utilities#exception_jail:436] Caller:
 [-] [utilities#exception_jail:437] /root/tools/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/utilities.rb:425:in `exception_jail'
 [-] [utilities#exception_jail:437] /root/tools/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/framework.rb:117:in `run'
 [-] [utilities#exception_jail:437] /root/tools/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/ui/cli/framework.rb:80:in `block in run'
 [-] [utilities#exception_jail:438] --------------------------------------------------------------------------------
 [2018-11-12 14:29:03 +0530 - 0.0] [!] [plugin/manager#block:164] 
 [2018-11-12 14:29:03 +0530 - 0.0] [!] [plugin/manager#block:165] Waiting on 4 plugins to finish:
 [2018-11-12 14:29:03 +0530 - 0.0] [!] [plugin/manager#block:166] healthmap, timing_attacks, discovery, uniformity
 [2018-11-12 14:29:03 +0530 - 0.0] [!] [plugin/manager#block:167] 
================================================================================


 [+] Web Application Security Report - Arachni Framework

 [~] Report generated on: 2018-11-12 14:29:04 +0530
 [~] Report false positives at: http://github.com/Arachni/arachni/issues

 [+] System settings:
 [~] ---------------
 [~] Version:           1.5.1
 [~] Seed:              982a599ab5901977ce42c116c6e12703
 [~] Audit started on:  2018-11-12 14:19:02 +0530
 [~] Audit finished on: 2018-11-12 14:29:03 +0530
 [~] Runtime:           00:10:01

 [~] URL:        http://leettime.net/
 [~] User agent: Arachni/v1.5.1

 [*] Audited elements: 
 [~] * Links
 [~] * Forms
 [~] * Cookies
 [~] * XMLs
 [~] * JSONs
 [~] * UI inputs
 [~] * UI forms

 [*] Checks: insecure_cross_domain_policy_access, insecure_client_access_policy, common_files, backdoors, http_put, backup_directories, common_admin_interfaces, insecure_cross_domain_policy_headers, backup_files, webdav, htaccess_limit, allowed_methods, origin_spoof_access_restriction_bypass, common_directories, directory_listing, cookie_set_for_parent_domain, private_ip, html_objects, unencrypted_password_forms, ssn, cvs_svn_users, insecure_cookies, form_upload, emails, x_frame_options, http_only_cookies, credit_card, mixed_resource, xst, localstart_asp, code_injection_php_input_wrapper, sql_injection, trainer, unvalidated_redirect, os_cmd_injection, xss_tag, xss, response_splitting, no_sql_injection_differential, xss_event, code_injection, xss_path, source_code_disclosure, path_traversal, xss_script_context, xss_dom, rfi, code_injection_timing, no_sql_injection, xss_dom_script_context, unvalidated_redirect_dom, os_cmd_injection_timing, file_inclusion, sql_injection_timing, sql_injection_differential

 [~] ===========================

 [+] 0 issues were detected.


 [~] Report saved at: /root/tools/leettime.net 2018-11-12 14_29_03 +0530.afr [0.0MB]
 [~] The scan has logged errors: /root/tools/arachni-1.5.1-0.5.12/bin/../system/logs/framework/error-16777.log

 [~] Audited 0 page snapshots.

 [~] Duration: 00:10:01
 [~] Processed 0/0 HTTP requests.
 [~] -- 0.0 requests/second.
 [~] Processed 0/0 browser jobs.
 [~] -- 0.0 second/job.

 [~] Burst response time sum     0.0 seconds
 [~] Burst response count        0
 [~] Burst average response time 0.0 seconds
 [~] Burst average               0.0 requests/second
 [~] Timed-out requests          0
 [~] Original max concurrency    20
 [~] Throttled max concurrency   20

System Information:

Kernel: Linux 4.18.0-kali2-amd64
Architecture: x86-64
PRETTY_NAME="Kali GNU/Linux Rolling"
NAME="Kali GNU/Linux"
ID=kali
VERSION="2018.4"
VERSION_ID="2018.4"
ID_LIKE=debian
Memory : 64 GB RAM
Processor : Intel® Core™ i7-7700 CPU @ 3.60GHz × 8

[Phantom JS command]
./arachni-1.5.1-0.5.12/system/usr/bin/phantomjs --webdriver=55025

Auto configuration failed
140245374291584:error:25066067:DSO support routines:DLFCN_LOAD:could not load the shared library:dso_dlfcn.c:185:filename(libssl_conf.so): libssl_conf.so: cannot open shared object file: No such file or directory
140245374291584:error:25070067:DSO support routines:DSO_load:could not load the shared library:dso_lib.c:244:
140245374291584:error:0E07506E:configuration file routines:MODULE_LOAD_DSO:error loading dso:conf_mod.c:285:module=ssl_conf, path=ssl_conf
140245374291584:error:0E076071:configuration file routines:MODULE_RUN:unknown module name:conf_mod.c:222:module=ssl_conf

[Debug Flag Phantom JS Output]
./arachni-1.5.1-0.5.12/bin/arachni_shell -c 'phantomjs --debug=true --webdriver=55025'

Auto configuration failed
140625191147328:error:25066067:DSO support routines:DLFCN_LOAD:could not load the shared library:dso_dlfcn.c:185:filename(libssl_conf.so): libssl_conf.so: cannot open shared object file: No such file or directory
140625191147328:error:25070067:DSO support routines:DSO_load:could not load the shared library:dso_lib.c:244:
140625191147328:error:0E07506E:configuration file routines:MODULE_LOAD_DSO:error loading dso:conf_mod.c:285:module=ssl_conf, path=ssl_conf
140625191147328:error:0E076071:configuration file routines:MODULE_RUN:unknown module name:conf_mod.c:222:module=ssl_conf
@dogasantos dogasantos mentioned this issue Dec 3, 2018
Closed
@dogasantos
Copy link

A workaround: #1022

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@dogasantos @checkleettime