Arachni changed from --user-agent to --http-user-agent #347

Closed
DePierre opened this Issue Oct 15, 2014 · 4 comments

Comments

Projects
None yet
3 participants
@DePierre
Contributor

DePierre commented Oct 15, 2014

OWTF uses --user-agent when running Arachni.
But Arachni 1.0.2 (and since 1.0 imho), the correct option name is --http-user-agent (see below).

[*] Running: ./arachni --user-agent="Mozilla/5.0 (X11; Linux i686; rv:6.0) Gecko/20100101 Firefox/6.0" --http-req-limit=20 --report="html:outfile=arachni_report2014-10-15_18_27_14.html" --report="txt:outfile=arachni_report2014-10-15_18_27_14.txt" --report="metareport:outfile=arachni_report2014-10-15_18_27_14.msf" --report="ap:outfile=arachni_report2014-10-15_18_27_14.ap" --report="xml:outfile=arachni_report2014-10-15_18_27_14.xml" --report="afr:outfile=arachni_report2014-10-15_18_27_14.afr" --proxy=0.0.0.0:8008 http://127.0.0.1:8080/
/usr/share/arachni/system/gems/gems/arachni-1.0.2/ui/cli/option_parser.rb:63:in `parse': invalid option: --user-agent=Mozilla/5.0 (X11; Linux i686; rv:6.0) Gecko/20100101 Firefox/6.0 (OptionParser::InvalidOption)
from /usr/share/arachni/system/gems/gems/arachni-1.0.2/ui/cli/framework.rb:396:in `parse_options'
from /usr/share/arachni/system/gems/gems/arachni-1.0.2/ui/cli/framework.rb:32:in `initialize'
from /usr/share/arachni/system/gems/gems/arachni-1.0.2/bin/arachni:12:in `new'
from /usr/share/arachni/system/gems/gems/arachni-1.0.2/bin/arachni:12:in `<top (required)>'
from /usr/share/arachni/bin/../system/arachni-ui-web/bin/arachni:16:in `load'
from /usr/share/arachni/bin/../system/arachni-ui-web/bin/arachni:16:in `<main>'
Arachni - Web Application Security Scanner Framework v1.0.2
Author: Tasos "Zapotek" Laskos <tasos.laskos@arachni-scanner.com>

(With the support of the community and the Arachni Team.)

Website:       http://arachni-scanner.com
Documentation: http://arachni-scanner.com/wiki
$ arachni --help | grep agent
      --http-user-agent USER_AGENT
$ arachni --version          
Arachni - Web Application Security Scanner Framework v1.0.2
   Author: Tasos "Zapotek" Laskos <tasos.laskos@arachni-scanner.com>

           (With the support of the community and the Arachni Team.)

   Website:       http://arachni-scanner.com
   Documentation: http://arachni-scanner.com/wiki


Arachni 1.0.2 (ruby 2.1.2p95) [x86_64-linux]
@7a

This comment has been minimized.

Show comment
Hide comment
@7a

7a Oct 15, 2014

Member

Since we don't know what version of arachni the user / distro will have, I'd suggest to:
Change how we run arachni like:
Step 1) detect arachni version
Step 2) run it right (i.e. --http-user-agent vs. --user-agent)

If this gets too complicated we can just support the latest, just an idea :)

Member

7a commented Oct 15, 2014

Since we don't know what version of arachni the user / distro will have, I'd suggest to:
Change how we run arachni like:
Step 1) detect arachni version
Step 2) run it right (i.e. --http-user-agent vs. --user-agent)

If this gets too complicated we can just support the latest, just an idea :)

@tunnelshade

This comment has been minimized.

Show comment
Hide comment
@tunnelshade

tunnelshade Oct 19, 2014

Member

Supporting multiple stuff might make us go crazy because we run many tools and dealing with versions will create headache.

Member

tunnelshade commented Oct 19, 2014

Supporting multiple stuff might make us go crazy because we run many tools and dealing with versions will create headache.

@7a

This comment has been minimized.

Show comment
Hide comment
@7a

7a Oct 19, 2014

Member

ok, then let's just support the latest and hope for the best :P
At least let's make sure the installer installs the latest version together with the fix of the script ;)

Member

7a commented Oct 19, 2014

ok, then let's just support the latest and hope for the best :P
At least let's make sure the installer installs the latest version together with the fix of the script ;)

@tunnelshade

This comment has been minimized.

Show comment
Hide comment
@tunnelshade

tunnelshade Oct 23, 2014

Member

Fixed in d84a145

Member

tunnelshade commented Oct 23, 2014

Fixed in d84a145

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment