Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[SOLVED] arachni dispatcher and local scan does not work due to ECONNREFUSED #1022

Closed
dogasantos opened this issue Dec 3, 2018 · 11 comments
Closed
Assignees

Comments

@dogasantos
Copy link

dogasantos commented Dec 3, 2018

Hi everyone,
I found myself into a problem with arachni (the official tarball pack. It just can't run at all.
I'll try to provide as much detail as I can (sorry if I'm too verbose on this one).

TLDR: Using arachni-1.5.1-0.5.12 straight from tarball, dispatcher is listening on default port, but other subports are not listening. You can add the dispatcher on webui, but it won't execute any task. If you run through the commadn line (bin/arachni ), nothing happens. Nothing on logs (framework or webui). Starting a new scan via webui, it takes sometime to fail the scan, then it throws an ECONNREFUSED error. I've attached this entire post as text file for better format, and the full error log.

If you run as "bin/arachni url" , it won't run, scan or do anything. It freezes here:

`
bin/arachni https://target.here
...
[] No checks were specified, loading all.
[
] No element audit options were specified, will audit links, forms, cookies, UI inputs, UI forms, JSONs and XMLs.

[] Initializing...
[
] Preparing plugins...
[] ... done.
[
] BrowserCluster: Initializing 6 browsers...
`

By hitting Enter, you see everything stopped:

`[~] Results thus far:

[] 0 issues have been detected.
[
] Audited 0 page snapshots.

[] Duration:00:00:59
[
] Processed 0/0 HTTP requests.
[] -- 0.0 requests/second.
[
] Processed 0/0 browser jobs.
[~] -- 0.0 second/job.

[] Burst response time sum 0.0 seconds
[
] Burst response count 0
[] Burst average response time 0.0 seconds
[
] Burst average 0.0 requests/second
[] Timed-out requests 0
[
] Original max concurrency 20
[~] Throttled max concurrency 20

[] Status: Scanning
[
] Initialising the browser cluster.
[~]
...
`

If you goes with the web-ui and run the rpcd binary, it also won't work.

Here is the rpcd output (after i have it added into the webui dispatcher area):

I, [2018-12-03T08:06:18.892357 #12372] INFO -- System: RPC Server started.
I, [2018-12-03T08:06:18.894229 #12364] INFO -- System: RPC Server started.
I, [2018-12-03T08:06:18.894449 #12364] INFO -- System: Listening on 127.0.0.1:42293
I, [2018-12-03T08:06:18.894701 #12372] INFO -- System: Listening on 127.0.0.1:11279
I, [2018-12-03T08:06:18.932297 #12367] INFO -- System: RPC Server started.
I, [2018-12-03T08:06:18.942716 #12367] INFO -- System: Listening on 127.0.0.1:59650
I, [2018-12-03T08:06:18.980536 #12375] INFO -- System: RPC Server started.
I, [2018-12-03T08:06:18.990701 #12375] INFO -- System: Listening on 127.0.0.1:36791
I, [2018-12-03T08:06:19.113923 #12380] INFO -- System: RPC Server started.
I, [2018-12-03T08:06:19.130685 #12380] INFO -- System: Listening on 127.0.0.1:11662
I, [2018-12-03T08:06:19.308472 #12372] INFO -- Call: service.alive? [127.0.0.1]
I, [2018-12-03T08:06:20.543290 #12364] INFO -- Call: service.alive? [127.0.0.1]
I, [2018-12-03T08:06:20.630617 #12367] INFO -- Call: service.alive? [127.0.0.1]
I, [2018-12-03T08:06:20.691488 #12380] INFO -- Call: service.alive? [127.0.0.1]
I, [2018-12-03T08:06:20.788720 #12375] INFO -- Call: service.alive? [127.0.0.1]
I, [2018-12-03T08:06:20.811123 #12349] INFO -- System: RPC Server started.
I, [2018-12-03T08:06:20.811502 #12349] INFO -- System: Listening on 127.0.0.1:7331
I, [2018-12-03T08:08:30.997928 #12349] INFO -- Call: dispatcher.statistics [127.0.0.1]
I, [2018-12-03T08:08:33.035564 #12349] INFO -- Call: dispatcher.statistics [127.0.0.1]
I, [2018-12-03T08:08:38.043007 #12349] INFO -- Call: dispatcher.statistics [127.0.0.1]

The Call: dispatcher.statistics goes forever.
Web running as:

bin/arachni_web --host 0.0.0.0
Puma 2.14.0 starting...

  • Min threads: 0, max threads: 16
  • Environment: development
  • Listening on tcp://0.0.0.0:9292

The webui works fine until it comes to dispatcher (the actual scanning tasks)

In the dispatcher logs we can see this:

[Mon Dec 3 08:11:51 2018] [status] Starting the RPC Server...
[Mon Dec 3 08:11:51 2018] [status] Populating the pool with 5 Instances.
[Mon Dec 3 08:11:51 2018] [status] Instance added to pool -- PID: 12631 - Port: 32869 - Owner: dispatcher
[Mon Dec 3 08:11:51 2018] [status] Instance added to pool -- PID: 12634 - Port: 48687 - Owner: dispatcher
[Mon Dec 3 08:11:51 2018] [status] Instance added to pool -- PID: 12638 - Port: 17063 - Owner: dispatcher
[Mon Dec 3 08:11:52 2018] [status] Instance added to pool -- PID: 12643 - Port: 64539 - Owner: dispatcher
[Mon Dec 3 08:11:52 2018] [status] Instance added to pool -- PID: 12647 - Port: 24861 - Owner: dispatcher
[Mon Dec 3 08:11:52 2018] [status] Waiting for Instances to come on-line.
[Mon Dec 3 08:12:00 2018] [status] Instances are on-line.
[Mon Dec 3 08:12:00 2018] [status] Initializing grid node...
[Mon Dec 3 08:12:00 2018] [status] Node ready.
[Mon Dec 3 08:12:00 2018] [info] Updated neighbours:
[Mon Dec 3 08:12:00 2018] [info]
[Mon Dec 3 08:12:00 2018] [status] Ready

Finally, here is what I see suspicious:
netstat -antp output:

tcp 0 0 0.0.0.0:9292 0.0.0.0:* LISTEN 12433/ruby
tcp 0 0 127.0.0.1:48687 0.0.0.0:* LISTEN 12634/ruby
tcp 0 0 127.0.0.1:64539 0.0.0.0:* LISTEN 12643/ruby
tcp 0 0 127.0.0.1:24861 0.0.0.0:* LISTEN 12647/ruby
tcp 0 0 127.0.0.1:7331 0.0.0.0:* LISTEN 12616/ruby
tcp 0 0 127.0.0.1:32869 0.0.0.0:* LISTEN 12631/ruby
tcp 0 0 127.0.0.1:17063 0.0.0.0:* LISTEN 12638/ruby

The dispatcher 7331 port is listening, but none of the others are (42293, 11279, 59650, 36791, 11662).

When you use the webui, you have this on scan task:

`Currently auditing:

Instance idle, waiting for workload.`

After a few minutes, it fails and a error code comes up and here is the link to those non-listening ports (I believe):

[Errno::ECONNREFUSED] Connection refused - connect(2) for "127.0.0.1" port 64984 ....

You guys can check the full error message in the attached txt.

Do you guys have any troubleshooting test I can try here in order to gather more details, or even have some guidance on how I can fix this ?

Thanks!
error_webui.txt
full-issue.txt

@dogasantos dogasantos changed the title arachni dispatcher and local scan doesn't work at all arachni dispatcher and local scan does not work due to ECONNREFUSED Dec 3, 2018
@dogasantos
Copy link
Author

More details:

`
bin/arachni_shell -c 'phantomjs --debug=true --webdriver=55025

^C
root@kaliCloud:/usr/share/arachni-1.5.1-0.5.12# bin/arachni_shell -c 'phantomjs --debug=true --webdriver=55025'
Auto configuration failed
140155421263680:error:25066067:DSO support routines:DLFCN_LOAD:could not load the shared library:dso_dlfcn.c:185:filename(libssl_conf.so): libssl_conf.so: cannot open shared object file: No such file or directory
140155421263680:error:25070067:DSO support routines:DSO_load:could not load the shared library:dso_lib.c:244:
140155421263680:error:0E07506E:configuration file routines:MODULE_LOAD_DSO:error loading dso:conf_mod.c:285:module=ssl_conf, path=ssl_conf
140155421263680:error:0E076071:configuration file routines:MODULE_RUN:unknown module name:conf_mod.c:222:module=ssl_conf
`

Found a similar issue here: Arachni 1.5.1-0.5.12 hangs on starting a scan #1018

@dogasantos
Copy link
Author

Ok guys, I've fixed this problem myself by using a workaround for the missing libssl_conf:

Adding the OPENSSL_CONF environment variable into the system/environment file pointing towards the SO original openssl config dir:

export OPENSSL_CONF=/etc/ssl/

This is not a fix, it's a workaround and will allow people to use arachni until a fix is released.

thanks

@dogasantos dogasantos changed the title arachni dispatcher and local scan does not work due to ECONNREFUSED [SOLVED] arachni dispatcher and local scan does not work due to ECONNREFUSED Dec 3, 2018
@HanseSecure
Copy link

Same Issue here within Version 2.0dev-1.0dev. Local scan stopps after 10 Minutes with following error
[Errno::ECONNREFUSED] Failed to open TCP connection to 127.0.0.1:7906 (Connection refused - connect(2) for "127.0.0.1" port 7906)

Unfortunately your Workarround doenst work for me :-(

Regards
Flo

@IPv4v6
Copy link

IPv4v6 commented Dec 18, 2018

Same Issue here within Version 2.0dev-1.0dev. Local scan stopps after 10 Minutes with following error
[Errno::ECONNREFUSED] Failed to open TCP connection to 127.0.0.1:7906 (Connection refused - connect(2) for "127.0.0.1" port 7906)

What happens when you start the phantomjs binary that is shipped with arachni?
./arachni-2.0dev-1.0dev/system/usr/bin/phantomjs

@galloche
Copy link

Hello. I have the same issue :
[2019-01-18 15:50:08 +0100] /root/Documents/arachni-1.5.1-0.5.12-linux-x86_64/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/utilities.rb:425:in exception_jail' [2019-01-18 15:50:08 +0100] /root/Documents/arachni-1.5.1-0.5.12-linux-x86_64/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/framework.rb:117:in run'
[2019-01-18 15:50:08 +0100] /root/Documents/arachni-1.5.1-0.5.12-linux-x86_64/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/rpc/server/framework.rb:156:in `block in run'
[2019-01-18 15:50:08 +0100] --------------------------------------------------------------------------------

I don't find any solution to this issue.
I changed the OPENSSL_CONF environment variable but error still the same.

@NetSec144
Copy link

NetSec144 commented Feb 14, 2019

Like everyone else, I also have this issue. My results look the same as @IPv4v6 above except on port 34333. I've been working on this off and on all week and still haven't figured it out.
I'm running this on a GNOME version Kali amd64 in a guest machine in VirtualBox.
I've remove (purged) the Kali version of arachni to prevent any conflict there too.
I am running arachni version v1.5.1-0.5.12 from a github clone.

@NetSec144
Copy link

Like everyone else, I also have this issue. My results look the same as @IPv4v6 above except on port 34333. I've been working on this off and on all week and still haven't figured it out.
I'm running this on a GNOME version Kali amd64 in a guest machine in VirtualBox.
I've remove (purged) the Kali version of arachni to prevent any conflict there too.
I am running arachni version v1.5.1-0.5.12 from a github clone.

@dogasantos the environment variable did work for me.

@dogasantos
Copy link
Author

Glad to help @NetSec144

@S3cur3Th1sSh1t
Copy link

The environment variable didnt work for me either. Some other Workaround?

@ospf10
Copy link

ospf10 commented Jul 9, 2019

Did anyone ever figure out a fix for this? Here's my details on the error:
[2019-07-09 15:23:10 -0700] [Errno::ECONNREFUSED] Connection refused - connect(2) for "127.0.0.1" port 50898
[2019-07-09 15:23:10 -0700] /root/Downloads/arachni-1.5.1-0.5.12/system/usr/lib/ruby/2.2.0/net/http.rb:879:in initialize' [2019-07-09 15:23:10 -0700] /root/Downloads/arachni-1.5.1-0.5.12/system/usr/lib/ruby/2.2.0/net/http.rb:879:in open'
[2019-07-09 15:23:10 -0700] /root/Downloads/arachni-1.5.1-0.5.12/system/usr/lib/ruby/2.2.0/net/http.rb:879:in block in connect' [2019-07-09 15:23:10 -0700] /root/Downloads/arachni-1.5.1-0.5.12/system/usr/lib/ruby/2.2.0/timeout.rb:88:in block in timeout'
[2019-07-09 15:23:10 -0700] /root/Downloads/arachni-1.5.1-0.5.12/system/usr/lib/ruby/2.2.0/timeout.rb:98:in call' [2019-07-09 15:23:10 -0700] /root/Downloads/arachni-1.5.1-0.5.12/system/usr/lib/ruby/2.2.0/timeout.rb:98:in timeout'
[2019-07-09 15:23:10 -0700] /root/Downloads/arachni-1.5.1-0.5.12/system/usr/lib/ruby/2.2.0/net/http.rb:878:in connect' [2019-07-09 15:23:10 -0700] /root/Downloads/arachni-1.5.1-0.5.12/system/usr/lib/ruby/2.2.0/net/http.rb:863:in do_start'
[2019-07-09 15:23:10 -0700] /root/Downloads/arachni-1.5.1-0.5.12/system/usr/lib/ruby/2.2.0/net/http.rb:852:in start' [2019-07-09 15:23:10 -0700] /root/Downloads/arachni-1.5.1-0.5.12/system/usr/lib/ruby/2.2.0/net/http.rb:1375:in request'
[2019-07-09 15:23:10 -0700] /root/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/selenium-webdriver-3.0.1/lib/selenium/webdriver/remote/http/default.rb:103:in response_for' [2019-07-09 15:23:10 -0700] /root/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/selenium-webdriver-3.0.1/lib/selenium/webdriver/remote/http/default.rb:57:in request'
[2019-07-09 15:23:10 -0700] /root/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/selenium-webdriver-3.0.1/lib/selenium/webdriver/remote/http/common.rb:59:in call' [2019-07-09 15:23:10 -0700] /root/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/selenium-webdriver-3.0.1/lib/selenium/webdriver/remote/bridge.rb:653:in raw_execute'
[2019-07-09 15:23:10 -0700] /root/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/selenium-webdriver-3.0.1/lib/selenium/webdriver/remote/bridge.rb:124:in create_session' [2019-07-09 15:23:10 -0700] /root/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/selenium-webdriver-3.0.1/lib/selenium/webdriver/remote/bridge.rb:88:in initialize'
[2019-07-09 15:23:10 -0700] /root/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/selenium-webdriver-3.0.1/lib/selenium/webdriver/common/driver.rb:57:in new' [2019-07-09 15:23:10 -0700] /root/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/selenium-webdriver-3.0.1/lib/selenium/webdriver/common/driver.rb:57:in for'
[2019-07-09 15:23:10 -0700] /root/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/selenium-webdriver-3.0.1/lib/selenium/webdriver.rb:82:in for' [2019-07-09 15:23:10 -0700] /root/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/browser.rb:1109:in selenium'
[2019-07-09 15:23:10 -0700] /root/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/browser.rb:1337:in start_webdriver' [2019-07-09 15:23:10 -0700] /root/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/browser.rb:187:in initialize'
[2019-07-09 15:23:10 -0700] /root/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/browser_cluster/worker.rb:51:in initialize' [2019-07-09 15:23:10 -0700] /root/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/browser_cluster.rb:495:in new'
[2019-07-09 15:23:10 -0700] /root/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/browser_cluster.rb:495:in block in initialize_workers' [2019-07-09 15:23:10 -0700] /root/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/browser_cluster.rb:494:in times'
[2019-07-09 15:23:10 -0700] /root/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/browser_cluster.rb:494:in initialize_workers' [2019-07-09 15:23:10 -0700] /root/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/browser_cluster.rb:112:in initialize'
[2019-07-09 15:23:10 -0700] /root/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/framework/parts/browser.rb:33:in new' [2019-07-09 15:23:10 -0700] /root/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/framework/parts/browser.rb:33:in block in browser_cluster'
[2019-07-09 15:23:10 -0700] /root/Downloads/arachni-1.5.1-0.5.12/system/usr/lib/ruby/2.2.0/monitor.rb:211:in mon_synchronize' [2019-07-09 15:23:10 -0700] /root/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/framework/parts/browser.rb:28:in browser_cluster'
[2019-07-09 15:23:10 -0700] /root/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/framework/parts/audit.rb:173:in audit' [2019-07-09 15:23:10 -0700] /root/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/framework.rb:117:in block in run'
[2019-07-09 15:23:10 -0700] /root/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/utilities.rb:425:in call' [2019-07-09 15:23:10 -0700] /root/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/utilities.rb:425:in exception_jail'
[2019-07-09 15:23:10 -0700] /root/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/framework.rb:117:in run' [2019-07-09 15:23:10 -0700] /root/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/rpc/server/framework.rb:156:in block in run'
[2019-07-09 15:23:10 -0700]
[2019-07-09 15:23:10 -0700] Parent:
[2019-07-09 15:23:10 -0700] Arachni::RPC::Server::Framework
[2019-07-09 15:23:10 -0700]
[2019-07-09 15:23:10 -0700] Block:
[2019-07-09 15:23:10 -0700] #Proc:0x000000052ee2f8@/root/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/framework.rb:117
[2019-07-09 15:23:10 -0700]
[2019-07-09 15:23:10 -0700] Caller:
[2019-07-09 15:23:10 -0700] /root/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/utilities.rb:425:in exception_jail' [2019-07-09 15:23:10 -0700] /root/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/framework.rb:117:in run'
[2019-07-09 15:23:10 -0700] /root/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/rpc/server/framework.rb:156:in `block in run'
[2019-07-09 15:23:10 -0700] --------------------------------------------------------------------------------

@YouReMyBug
Copy link

Thank you!This worked for mine.

@Zapotek Zapotek closed this as completed May 15, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

9 participants