Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

errors scanning OWASP benchmark #936

Closed
Sergy123 opened this issue Dec 5, 2017 · 3 comments
Closed

errors scanning OWASP benchmark #936

Sergy123 opened this issue Dec 5, 2017 · 3 comments

Comments

@Sergy123
Copy link

Sergy123 commented Dec 5, 2017
edited by Zapotek

I can not complete OWASP benchmark scan due to the following errors. Any suggestions on how to proceeds forward?

2017-12-05 09:54:07 -0500 --------------------------------------------------------------------------------
ENV:
---
LD_LIBRARY_PATH: "/root/Downloads/arachni-1.5.1-0.5.12/bin/../system/usr/lib:/usr/lib:/usr/local/lib"
LS_COLORS: 'rs=0:di=01;34:ln=01;36:mh=00:pi=40;33:so=01;35:do=01;35:bd=40;33;01:cd=40;33;01:or=40;31;01:mi=00:su=37;41:sg=30;43:ca=30;41:tw=30;42:ow=34;42:st=37;44:ex=01;32:*.tar=01;31:*.tgz=01;31:*.arc=01;31:*.arj=01;31:*.taz=01;31:*.lha=01;31:*.lz4=01;31:*.lzh=01;31:*.lzma=01;31:*.tlz=01;31:*.txz=01;31:*.tzo=01;31:*.t7z=01;31:*.zip=01;31:*.z=01;31:*.Z=01;31:*.dz=01;31:*.gz=01;31:*.lrz=01;31:*.lz=01;31:*.lzo=01;31:*.xz=01;31:*.zst=01;31:*.tzst=01;31:*.bz2=01;31:*.bz=01;31:*.tbz=01;31:*.tbz2=01;31:*.tz=01;31:*.deb=01;31:*.rpm=01;31:*.jar=01;31:*.war=01;31:*.ear=01;31:*.sar=01;31:*.rar=01;31:*.alz=01;31:*.ace=01;31:*.zoo=01;31:*.cpio=01;31:*.7z=01;31:*.rz=01;31:*.cab=01;31:*.jpg=01;35:*.jpeg=01;35:*.mjpg=01;35:*.mjpeg=01;35:*.gif=01;35:*.bmp=01;35:*.pbm=01;35:*.pgm=01;35:*.ppm=01;35:*.tga=01;35:*.xbm=01;35:*.xpm=01;35:*.tif=01;35:*.tiff=01;35:*.png=01;35:*.svg=01;35:*.svgz=01;35:*.mng=01;35:*.pcx=01;35:*.mov=01;35:*.mpg=01;35:*.mpeg=01;35:*.m2v=01;35:*.mkv=01;35:*.webm=01;35:*.ogm=01;35:*.mp4=01;35:*.m4v=01;35:*.mp4v=01;35:*.vob=01;35:*.qt=01;35:*.nuv=01;35:*.wmv=01;35:*.asf=01;35:*.rm=01;35:*.rmvb=01;35:*.flc=01;35:*.avi=01;35:*.fli=01;35:*.flv=01;35:*.gl=01;35:*.dl=01;35:*.xcf=01;35:*.xwd=01;35:*.yuv=01;35:*.cgm=01;35:*.emf=01;35:*.ogv=01;35:*.ogx=01;35:*.aac=00;36:*.au=00;36:*.flac=00;36:*.m4a=00;36:*.mid=00;36:*.midi=00;36:*.mka=00;36:*.mp3=00;36:*.mpc=00;36:*.ogg=00;36:*.ra=00;36:*.wav=00;36:*.oga=00;36:*.opus=00;36:*.spx=00;36:*.xspf=00;36:'
FONTCONFIG_PATH: "/root/Downloads/arachni-1.5.1-0.5.12/bin/../system/home/arachni/.fonts"
XDG_MENU_PREFIX: gnome-
LANG: C.UTF-8
GDM_LANG: C.UTF-8
DISPLAY: ":1"
OLDPWD: "/root/Downloads/arachni-1.5.1-0.5.12"
C_INCLUDE_PATH: "/root/Downloads/arachni-1.5.1-0.5.12/bin/../system/usr/include"
RUBY_VERSION: ruby-2.2.3
COLORTERM: truecolor
GEM_HOME: "/root/Downloads/arachni-1.5.1-0.5.12/system/gems"
USERNAME: root
XDG_VTNR: '2'
SSH_AUTH_SOCK: "/run/user/0/keyring/ssh"
S_COLORS: auto
XDG_SESSION_ID: '2'
USER: root
DESKTOP_SESSION: gnome
PWD: "/root/Downloads/arachni-1.5.1-0.5.12/bin"
HOME: "/root/Downloads/arachni-1.5.1-0.5.12/bin/../system/home/arachni"
JOURNAL_STREAM: 9:17980
SSH_AGENT_PID: '960'
QT_ACCESSIBILITY: '1'
XDG_SESSION_TYPE: x11
XDG_DATA_DIRS: "/usr/share/gnome:/usr/local/share/:/usr/share/"
XDG_SESSION_DESKTOP: gnome
GEM_PATH: "/root/Downloads/arachni-1.5.1-0.5.12/bin/../system/gems"
LIBRARY_PATH: "/root/Downloads/arachni-1.5.1-0.5.12/bin/../system/usr/lib:/usr/lib:/usr/local/lib"
GJS_DEBUG_OUTPUT: stderr
RAILS_ENV: production
GTK_MODULES: gail:atk-bridge
ARACHNI_WEBUI_LOGDIR: "/root/Downloads/arachni-1.5.1-0.5.12/bin/../system/logs/webui"
WINDOWPATH: '2'
VTE_VERSION: '5000'
SHELL: "/bin/bash"
TERM: xterm-256color
ARACHNI_FRAMEWORK_LOGDIR: "/root/Downloads/arachni-1.5.1-0.5.12/bin/../system/logs/framework"
XDG_CURRENT_DESKTOP: GNOME
RUBYLIB: "/root/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/bundler-1.14.6/lib:/root/Downloads/arachni-1.5.1-0.5.12/bin/../system/usr/lib/ruby:/root/Downloads/arachni-1.5.1-0.5.12/bin/../system/usr/lib/ruby/site_ruby/2.2.0:/root/Downloads/arachni-1.5.1-0.5.12/bin/../system/usr/lib/ruby/2.2.0:/root/Downloads/arachni-1.5.1-0.5.12/bin/../system/usr/lib/ruby/2.2.0/x86_64-linux:/root/Downloads/arachni-1.5.1-0.5.12/bin/../system/usr/lib/ruby/site_ruby/2.2.0/x86_64-linux"
GPG_AGENT_INFO: "/run/user/0/gnupg/S.gpg-agent:0:1"
QT_LINUX_ACCESSIBILITY_ALWAYS_ON: '1'
XDG_SEAT: seat0
SHLVL: '1'
WINDOWID: '41943046'
GDMSESSION: gnome
GNOME_DESKTOP_SESSION_ID: this-is-deprecated
LOGNAME: root
DBUS_SESSION_BUS_ADDRESS: unix:path=/run/user/0/bus
XDG_RUNTIME_DIR: "/run/user/0"
XAUTHORITY: "/run/user/0/gdm/Xauthority"
CPLUS_INCLUDE_PATH: "/root/Downloads/arachni-1.5.1-0.5.12/bin/../system/usr/include"
MY_RUBY_HOME: "/root/Downloads/arachni-1.5.1-0.5.12/bin/../system/usr/lib/ruby"
PATH: "/root/Downloads/arachni-1.5.1-0.5.12/system/gems/bin:/root/Downloads/arachni-1.5.1-0.5.12/bin/../system/../bin:/root/Downloads/arachni-1.5.1-0.5.12/bin/../system/usr/bin:/root/Downloads/arachni-1.5.1-0.5.12/bin/../system/gems/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
IRBRC: "/root/Downloads/arachni-1.5.1-0.5.12/bin/../system/usr/lib/ruby/.irbrc"
GJS_DEBUG_TOPICS: JS ERROR;JS LOG
SESSION_MANAGER: local/kali:@/tmp/.ICE-unix/911,unix/kali:/tmp/.ICE-unix/911
RACK_ENV: development
BUNDLE_GEMFILE: "/root/Downloads/arachni-1.5.1-0.5.12/system/arachni-ui-web/Gemfile"
BUNDLER_ORIG_PATH: "/root/Downloads/arachni-1.5.1-0.5.12/bin/../system/../bin:/root/Downloads/arachni-1.5.1-0.5.12/bin/../system/usr/bin:/root/Downloads/arachni-1.5.1-0.5.12/bin/../system/gems/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
BUNDLER_ORIG_GEM_PATH: "/root/Downloads/arachni-1.5.1-0.5.12/bin/../system/gems"
BUNDLE_BIN_PATH: "/root/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/bundler-1.14.6/exe/bundle"
BUNDLER_VERSION: 1.14.6
RUBYOPT: "-rbundler/setup"
MANPATH: "/root/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/kramdown-1.4.1/man"
BUNDLER_ORIG_MANPATH: "/root/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/kramdown-1.4.1/man"
--------------------------------------------------------------------------------
OPTIONS:
---
audit:
  parameter_values: true
  exclude_vector_patterns: []
  include_vector_patterns: []
  link_templates: []
  links: true
  forms: true
  cookies: true
  jsons: true
  xmls: true
  ui_forms: true
  ui_inputs: true
datastore:
  token: f2e6097bb430ca62ff4ae3f7f68ae238
input:
  values:
    name: arachni_name
    user: arachni_user
    usr: arachni_user
    pass: 5543!%arachni_secret
    txt: arachni_text
    num: '132'
    amount: '100'
    mail: arachni@email.gr
    account: '12'
    id: '1'
  default_values:
    name: arachni_name
    user: arachni_user
    usr: arachni_user
    pass: 5543!%arachni_secret
    txt: arachni_text
    num: '132'
    amount: '100'
    mail: arachni@email.gr
    account: '12'
    id: '1'
  without_defaults: true
  force: false
http:
  user_agent: Arachni/v1.5.1
  request_timeout: 10000
  request_redirect_limit: 5
  request_concurrency: 20
  request_queue_size: 100
  request_headers: {}
  response_max_size: 500000
  cookies: {}
  authentication_type: auto
scope:
  redundant_path_patterns: {}
  dom_depth_limit: 5
  exclude_file_extensions:
  - "[]"
  exclude_path_patterns: []
  exclude_content_patterns: []
  include_path_patterns: []
  restrict_paths: []
  extend_paths: []
  url_rewrites: {}
browser_cluster:
  local_storage: {}
  wait_for_elements: {}
  pool_size: 6
  job_timeout: 10
  worker_time_to_live: 100
  ignore_images: false
  screen_width: 1600
  screen_height: 1200
session: {}
checks:
- allowed_methods
- backdoors
- backup_directories
- backup_files
- captcha
- code_injection
- code_injection_php_input_wrapper
- code_injection_timing
- common_admin_interfaces
- common_directories
- common_files
- cookie_set_for_parent_domain
- credit_card
- csrf
- cvs_svn_users
- directory_listing
- emails
- file_inclusion
- form_upload
- hsts
- htaccess_limit
- html_objects
- http_only_cookies
- http_put
- insecure_client_access_policy
- insecure_cookies
- insecure_cors_policy
- insecure_cross_domain_policy_access
- insecure_cross_domain_policy_headers
- interesting_responses
- ldap_injection
- localstart_asp
- mixed_resource
- no_sql_injection
- no_sql_injection_differential
- origin_spoof_access_restriction_bypass
- os_cmd_injection
- os_cmd_injection_timing
- password_autocomplete
- path_traversal
- private_ip
- response_splitting
- rfi
- session_fixation
- source_code_disclosure
- sql_injection
- sql_injection_differential
- sql_injection_timing
- ssn
- trainer
- unencrypted_password_forms
- unvalidated_redirect
- unvalidated_redirect_dom
- webdav
- x_frame_options
- xpath_injection
- xss
- xss_dom
- xss_dom_script_context
- xss_event
- xss_path
- xss_script_context
- xss_tag
- xst
- xxe
platforms: []
plugins:
  autothrottle: {}
  discovery: {}
  healthmap: {}
  timing_attacks: {}
  uniformity: {}
no_fingerprinting: false
authorized_by: 
url: https://192.168.10.133:8443/benchmark/
--------------------------------------------------------------------------------
[2017-12-05 09:54:07 -0500] [ArgumentError] invalid byte sequence in UTF-8
[2017-12-05 09:54:07 -0500] /root/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/parser/nodes/with_value.rb:22:in `strip'
[2017-12-05 09:54:07 -0500] /root/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/parser/nodes/with_value.rb:22:in `value='
[2017-12-05 09:54:07 -0500] /root/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/parser/nodes/with_value.rb:18:in `initialize'
[2017-12-05 09:54:07 -0500] /root/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/parser/sax.rb:58:in `new'
[2017-12-05 09:54:07 -0500] /root/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/parser/sax.rb:58:in `text'
[2017-12-05 09:54:07 -0500] /root/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/parser.rb:70:in `sax_html'
[2017-12-05 09:54:07 -0500] /root/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/parser.rb:70:in `block in parse'
[2017-12-05 09:54:07 -0500] /root/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/support/cache/base.rb:108:in `call'
[2017-12-05 09:54:07 -0500] /root/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/support/cache/base.rb:108:in `fetch'
[2017-12-05 09:54:07 -0500] /root/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/parser.rb:66:in `parse'
[2017-12-05 09:54:07 -0500] /root/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/parser.rb:243:in `document'
[2017-12-05 09:54:07 -0500] /root/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/parser.rb:423:in `paths'
[2017-12-05 09:54:07 -0500] /root/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/page.rb:309:in `paths'
[2017-12-05 09:54:07 -0500] /root/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/framework/parts/data.rb:207:in `push_paths_from_page'
[2017-12-05 09:54:07 -0500] /root/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/framework/parts/audit.rb:98:in `audit_page'
[2017-12-05 09:54:07 -0500] /root/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/framework/parts/audit.rb:228:in `audit_queues'
[2017-12-05 09:54:07 -0500] /root/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/rpc/server/framework/multi_instance.rb:222:in `audit_queues'
[2017-12-05 09:54:07 -0500] /root/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/framework/parts/audit.rb:202:in `block in audit'
[2017-12-05 09:54:07 -0500] /root/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/framework/parts/audit.rb:177:in `loop'
[2017-12-05 09:54:07 -0500] /root/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/framework/parts/audit.rb:177:in `audit'
[2017-12-05 09:54:07 -0500] /root/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/framework.rb:117:in `block in run'
[2017-12-05 09:54:07 -0500] /root/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/utilities.rb:425:in `call'
[2017-12-05 09:54:07 -0500] /root/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/utilities.rb:425:in `exception_jail'
[2017-12-05 09:54:07 -0500] /root/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/framework.rb:117:in `run'
[2017-12-05 09:54:07 -0500] /root/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/rpc/server/framework.rb:156:in `block in run'
[2017-12-05 09:54:07 -0500] 
[2017-12-05 09:54:07 -0500] Parent:
[2017-12-05 09:54:07 -0500] Arachni::RPC::Server::Framework
[2017-12-05 09:54:07 -0500] 
[2017-12-05 09:54:07 -0500] Block:
[2017-12-05 09:54:07 -0500] #<Proc:0x000000055d2f50@/root/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/framework.rb:117>
[2017-12-05 09:54:07 -0500] 
[2017-12-05 09:54:07 -0500] Caller:
[2017-12-05 09:54:07 -0500] /root/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/utilities.rb:425:in `exception_jail'
[2017-12-05 09:54:07 -0500] /root/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/framework.rb:117:in `run'
[2017-12-05 09:54:07 -0500] /root/Downloads/arachni-1.5.1-0.5.12/system/gems/gems/arachni-1.5.1/lib/arachni/rpc/server/framework.rb:156:in `block in run'
[2017-12-05 09:54:07 -0500] --------------------------------------------------------------------------------
@Zapotek
Copy link
Member

Zapotek commented Dec 21, 2017

I think this has been fixed in the nightlies.
Can you give them a try please?

@Sergy123
Copy link
Author

it works, thanks

@Zapotek Zapotek closed this as completed Dec 24, 2017
@maksim-pinguin
Copy link

@Sergy123 can you please explain what you did explicitly, because i got the same error with both the stable and the nightlies see my comment in ref #974

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@Zapotek @Sergy123 @maksim-pinguin