-
Notifications
You must be signed in to change notification settings - Fork 768
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[SOLVED] arachni dispatcher and local scan does not work due to ECONNREFUSED #1022
Comments
More details: `
Found a similar issue here: Arachni 1.5.1-0.5.12 hangs on starting a scan #1018 |
Ok guys, I've fixed this problem myself by using a workaround for the missing libssl_conf: Adding the OPENSSL_CONF environment variable into the system/environment file pointing towards the SO original openssl config dir:
This is not a fix, it's a workaround and will allow people to use arachni until a fix is released. thanks |
Same Issue here within Version 2.0dev-1.0dev. Local scan stopps after 10 Minutes with following error Unfortunately your Workarround doenst work for me :-( Regards |
What happens when you start the phantomjs binary that is shipped with arachni? |
Hello. I have the same issue : I don't find any solution to this issue. |
Like everyone else, I also have this issue. My results look the same as @IPv4v6 above except on port 34333. I've been working on this off and on all week and still haven't figured it out. |
@dogasantos the environment variable did work for me. |
Glad to help @NetSec144 |
The environment variable didnt work for me either. Some other Workaround? |
Did anyone ever figure out a fix for this? Here's my details on the error: |
Thank you!This worked for mine. |
Hi everyone,
I found myself into a problem with arachni (the official tarball pack. It just can't run at all.
I'll try to provide as much detail as I can (sorry if I'm too verbose on this one).
TLDR: Using arachni-1.5.1-0.5.12 straight from tarball, dispatcher is listening on default port, but other subports are not listening. You can add the dispatcher on webui, but it won't execute any task. If you run through the commadn line (bin/arachni ), nothing happens. Nothing on logs (framework or webui). Starting a new scan via webui, it takes sometime to fail the scan, then it throws an ECONNREFUSED error. I've attached this entire post as text file for better format, and the full error log.
If you run as "bin/arachni url" , it won't run, scan or do anything. It freezes here:
`
bin/arachni https://target.here
...
[
] No checks were specified, loading all.] No element audit options were specified, will audit links, forms, cookies, UI inputs, UI forms, JSONs and XMLs.[
[] Initializing...
[] Preparing plugins...
[] ... done.
[] BrowserCluster: Initializing 6 browsers...
`
By hitting Enter, you see everything stopped:
`[~] Results thus far:
[
] 0 issues have been detected.] Audited 0 page snapshots.[
[
] Duration:00:00:59] Processed 0/0 HTTP requests.[
[
] -- 0.0 requests/second.] Processed 0/0 browser jobs.[
[~] -- 0.0 second/job.
[
] Burst response time sum 0.0 seconds] Burst response count 0[
[
] Burst average response time 0.0 seconds] Burst average 0.0 requests/second[
[
] Timed-out requests 0] Original max concurrency 20[
[~] Throttled max concurrency 20
[
] Status: Scanning] Initialising the browser cluster.[
[~]
...
`
If you goes with the web-ui and run the rpcd binary, it also won't work.
Here is the rpcd output (after i have it added into the webui dispatcher area):
I, [2018-12-03T08:06:18.892357 #12372] INFO -- System: RPC Server started.
I, [2018-12-03T08:06:18.894229 #12364] INFO -- System: RPC Server started.
I, [2018-12-03T08:06:18.894449 #12364] INFO -- System: Listening on 127.0.0.1:42293
I, [2018-12-03T08:06:18.894701 #12372] INFO -- System: Listening on 127.0.0.1:11279
I, [2018-12-03T08:06:18.932297 #12367] INFO -- System: RPC Server started.
I, [2018-12-03T08:06:18.942716 #12367] INFO -- System: Listening on 127.0.0.1:59650
I, [2018-12-03T08:06:18.980536 #12375] INFO -- System: RPC Server started.
I, [2018-12-03T08:06:18.990701 #12375] INFO -- System: Listening on 127.0.0.1:36791
I, [2018-12-03T08:06:19.113923 #12380] INFO -- System: RPC Server started.
I, [2018-12-03T08:06:19.130685 #12380] INFO -- System: Listening on 127.0.0.1:11662
I, [2018-12-03T08:06:19.308472 #12372] INFO -- Call: service.alive? [127.0.0.1]
I, [2018-12-03T08:06:20.543290 #12364] INFO -- Call: service.alive? [127.0.0.1]
I, [2018-12-03T08:06:20.630617 #12367] INFO -- Call: service.alive? [127.0.0.1]
I, [2018-12-03T08:06:20.691488 #12380] INFO -- Call: service.alive? [127.0.0.1]
I, [2018-12-03T08:06:20.788720 #12375] INFO -- Call: service.alive? [127.0.0.1]
I, [2018-12-03T08:06:20.811123 #12349] INFO -- System: RPC Server started.
I, [2018-12-03T08:06:20.811502 #12349] INFO -- System: Listening on 127.0.0.1:7331
I, [2018-12-03T08:08:30.997928 #12349] INFO -- Call: dispatcher.statistics [127.0.0.1]
I, [2018-12-03T08:08:33.035564 #12349] INFO -- Call: dispatcher.statistics [127.0.0.1]
I, [2018-12-03T08:08:38.043007 #12349] INFO -- Call: dispatcher.statistics [127.0.0.1]
The Call: dispatcher.statistics goes forever.
Web running as:
bin/arachni_web --host 0.0.0.0
Puma 2.14.0 starting...
The webui works fine until it comes to dispatcher (the actual scanning tasks)
In the dispatcher logs we can see this:
[Mon Dec 3 08:11:51 2018] [status] Starting the RPC Server...
[Mon Dec 3 08:11:51 2018] [status] Populating the pool with 5 Instances.
[Mon Dec 3 08:11:51 2018] [status] Instance added to pool -- PID: 12631 - Port: 32869 - Owner: dispatcher
[Mon Dec 3 08:11:51 2018] [status] Instance added to pool -- PID: 12634 - Port: 48687 - Owner: dispatcher
[Mon Dec 3 08:11:51 2018] [status] Instance added to pool -- PID: 12638 - Port: 17063 - Owner: dispatcher
[Mon Dec 3 08:11:52 2018] [status] Instance added to pool -- PID: 12643 - Port: 64539 - Owner: dispatcher
[Mon Dec 3 08:11:52 2018] [status] Instance added to pool -- PID: 12647 - Port: 24861 - Owner: dispatcher
[Mon Dec 3 08:11:52 2018] [status] Waiting for Instances to come on-line.
[Mon Dec 3 08:12:00 2018] [status] Instances are on-line.
[Mon Dec 3 08:12:00 2018] [status] Initializing grid node...
[Mon Dec 3 08:12:00 2018] [status] Node ready.
[Mon Dec 3 08:12:00 2018] [info] Updated neighbours:
[Mon Dec 3 08:12:00 2018] [info]
[Mon Dec 3 08:12:00 2018] [status] Ready
Finally, here is what I see suspicious:
netstat -antp output:
tcp 0 0 0.0.0.0:9292 0.0.0.0:* LISTEN 12433/ruby
tcp 0 0 127.0.0.1:48687 0.0.0.0:* LISTEN 12634/ruby
tcp 0 0 127.0.0.1:64539 0.0.0.0:* LISTEN 12643/ruby
tcp 0 0 127.0.0.1:24861 0.0.0.0:* LISTEN 12647/ruby
tcp 0 0 127.0.0.1:7331 0.0.0.0:* LISTEN 12616/ruby
tcp 0 0 127.0.0.1:32869 0.0.0.0:* LISTEN 12631/ruby
tcp 0 0 127.0.0.1:17063 0.0.0.0:* LISTEN 12638/ruby
The dispatcher 7331 port is listening, but none of the others are (42293, 11279, 59650, 36791, 11662).
When you use the webui, you have this on scan task:
`Currently auditing:
After a few minutes, it fails and a error code comes up and here is the link to those non-listening ports (I believe):
[Errno::ECONNREFUSED] Connection refused - connect(2) for "127.0.0.1" port 64984 ....
You guys can check the full error message in the attached txt.
Do you guys have any troubleshooting test I can try here in order to gather more details, or even have some guidance on how I can fix this ?
Thanks!
error_webui.txt
full-issue.txt
The text was updated successfully, but these errors were encountered: