Tasos Laskos edited this page Feb 2, 2016 · 26 revisions


Arachni uses its own RPC implementation, provided by Arachni-RPC (design specification).

The protocol is as simple as possible, utilizing OpenSSL sockets and very simple messages to facilitate communication.


The Arachni Framework provides its own serializer to the Arachni-RPC library. It is essence using MessagePack with the addition of Zlib compression when messages reach a certain size.

Communicating with Arachni

(To keep these examples short and sweet, I will be using the framework's own clients. For a no dependency, bare-bones, reference implementation of a client please see Arachni-RPC Pure.)

The RPC API of the Instances is well documented and contains all the info you'll need.

The only clarification required is about obtaining an Instance, by following these 3 simple steps:

  1. Connect to a Dispatcher
  2. Request an Instance
  3. Connect to an Instance

First of all, we need to run a Dispatcher:

$ arachni_rpcd
Arachni - Web Application Security Scanner Framework v1.1
   Author: Tasos "Zapotek" Laskos <tasos.laskos@arachni-scanner.com>

           (With the support of the community and the Arachni Team.)

   Website:       http://arachni-scanner.com
   Documentation: http://arachni-scanner.com/wiki

I, [2014-08-03T19:28:31.867294 #48953]  INFO -- System: RPC Server started.
I, [2014-08-03T19:28:31.867399 #48953]  INFO -- System: Listening on

This is what happens when no options have been set; the default port is 7331.

Connecting to a Dispatcher

require 'arachni'
require 'arachni/rpc/client'

# Pay no attention to this, it just starts the system that manages network
# connections in the background

dispatcher = Arachni::RPC::Client::Dispatcher.new(

Requesting an Instance

# Request for an instance to be dispatched.
ap instance_info = dispatcher.dispatch
# {
#     "token" => "3edd7d8e9e4c717d364854e149ecd43c",
#     "pid" => 48956,
#     "port" => 24725,
#     "url" => "",
#     "owner" => "unknown",
#     "birthdate" => "2014-08-03 19:28:31 +0300",
#     "starttime" => "2014-08-03 19:50:48 +0300",
#     "helpers" => {}
# }

Connecting to an Instance

instance = Arachni::RPC::Client::Instance.new(

ap instance.service.alive?
# => true

In order to successfully authenticate yourself to the instance don't forget to include the authentication token.