View Issue Details

IDProjectCategoryView StatusLast Update
0005737Kali Linux[All Projects] General Bugpublic2019-10-10 14:49
Reportercrash Assigned To 
PrioritynormalSeveritymajorReproducibilitysometimes
Status newResolutionopen 
Product Version2019.3 
Target VersionFixed in Version 
Summary0005737: Arachni hangs for certain sites
DescriptionArachni hangs for certain sites
Steps To ReproduceJust run arachni against google for example:
 
#arachni https://www.google.com
Arachni - Web Application Security Scanner Framework v1.5.1
   Author: Tasos "Zapotek" Laskos <tasos.laskos@arachni-scanner.com>

           (With the support of the community and the Arachni Team.)

   Website: http://arachni-scanner.com
   Documentation: http://arachni-scanner.com/wiki


 [~] No checks were specified, loading all.
 [~] No element audit options were specified, will audit links, forms, cookies, UI inputs, UI forms, JSONs and XMLs.

 [*] Initializing...
 [*] Preparing plugins...
 [*] ... done.
 [-] [utilities#exception_jail:428] Client: [NoMethodError] undefined method `strip' for nil:NilClass
 [-] [utilities#exception_jail:428] Client: /usr/share/arachni/vendor/bundle/ruby/2.5.0/gems/typhoeus-1.0.2/lib/typhoeus/response/header.rb:49:in `process_line'
 [-] [utilities#exception_jail:428] Client: /usr/share/arachni/vendor/bundle/ruby/2.5.0/gems/typhoeus-1.0.2/lib/typhoeus/response/header.rb:37:in `block in parse'
 [-] [utilities#exception_jail:428] Client: /usr/share/arachni/vendor/bundle/ruby/2.5.0/gems/typhoeus-1.0.2/lib/typhoeus/response/header.rb:35:in `each'
 [-] [utilities#exception_jail:428] Client: /usr/share/arachni/vendor/bundle/ruby/2.5.0/gems/typhoeus-1.0.2/lib/typhoeus/response/header.rb:35:in `parse'
 [-] [utilities#exception_jail:428] Client: /usr/share/arachni/vendor/bundle/ruby/2.5.0/gems/typhoeus-1.0.2/lib/typhoeus/response/header.rb:20:in `initialize'
 [-] [utilities#exception_jail:428] Client: /usr/share/arachni/vendor/bundle/ruby/2.5.0/gems/typhoeus-1.0.2/lib/typhoeus/response/informations.rb:226:in `new'
 [-] [utilities#exception_jail:428] Client: /usr/share/arachni/vendor/bundle/ruby/2.5.0/gems/typhoeus-1.0.2/lib/typhoeus/response/informations.rb:226:in `headers'
 [-] [utilities#exception_jail:428] Client: /usr/share/arachni/lib/arachni/http/response.rb:317:in `from_typhoeus'
 [-] [utilities#exception_jail:428] Client: /usr/share/arachni/lib/arachni/http/request.rb:659:in `set_response_data'
 [-] [utilities#exception_jail:428] Client: /usr/share/arachni/lib/arachni/http/request.rb:643:in `block in to_typhoeus'
 [-] [utilities#exception_jail:428] Client: /usr/share/arachni/vendor/bundle/ruby/2.5.0/gems/typhoeus-1.0.2/lib/typhoeus/request/callbacks.rb:128:in `block in execute_callbacks'
 [-] [utilities#exception_jail:428] Client: /usr/share/arachni/vendor/bundle/ruby/2.5.0/gems/typhoeus-1.0.2/lib/typhoeus/request/callbacks.rb:127:in `each'
 [-] [utilities#exception_jail:428] Client: /usr/share/arachni/vendor/bundle/ruby/2.5.0/gems/typhoeus-1.0.2/lib/typhoeus/request/callbacks.rb:127:in `execute_callbacks'
 [-] [utilities#exception_jail:428] Client: /usr/share/arachni/vendor/bundle/ruby/2.5.0/gems/typhoeus-1.0.2/lib/typhoeus/request/operations.rb:35:in `finish'
 [-] [utilities#exception_jail:428] Client: /usr/share/arachni/vendor/bundle/ruby/2.5.0/gems/typhoeus-1.0.2/lib/typhoeus/easy_factory.rb:159:in `block in set_callback'
 [-] [utilities#exception_jail:428] Client: /usr/share/arachni/vendor/bundle/ruby/2.5.0/gems/ethon-0.11.0/lib/ethon/easy/response_callbacks.rb:68:in `block in complete'
 [-] [utilities#exception_jail:428] Client: /usr/share/arachni/vendor/bundle/ruby/2.5.0/gems/ethon-0.11.0/lib/ethon/easy/response_callbacks.rb:68:in `each'
 [-] [utilities#exception_jail:428] Client: /usr/share/arachni/vendor/bundle/ruby/2.5.0/gems/ethon-0.11.0/lib/ethon/easy/response_callbacks.rb:68:in `complete'
 [-] [utilities#exception_jail:428] Client: /usr/share/arachni/vendor/bundle/ruby/2.5.0/gems/ethon-0.11.0/lib/ethon/multi/operations.rb:151:in `check'
 [-] [utilities#exception_jail:428] Client: /usr/share/arachni/vendor/bundle/ruby/2.5.0/gems/ethon-0.11.0/lib/ethon/multi/operations.rb:164:in `run'
 [-] [utilities#exception_jail:428] Client: /usr/share/arachni/vendor/bundle/ruby/2.5.0/gems/ethon-0.11.0/lib/ethon/multi/operations.rb:43:in `perform'
 [-] [utilities#exception_jail:428] Client: /usr/share/arachni/vendor/bundle/ruby/2.5.0/gems/typhoeus-1.0.2/lib/typhoeus/hydra/runnable.rb:15:in `run'
 [-] [utilities#exception_jail:428] Client: /usr/share/arachni/vendor/bundle/ruby/2.5.0/gems/typhoeus-1.0.2/lib/typhoeus/hydra/memoizable.rb:51:in `run'
 [-] [utilities#exception_jail:428] Client: /usr/share/arachni/lib/arachni/http/client.rb:635:in `block in client_run'
 [-] [utilities#exception_jail:428] Client: /usr/share/arachni/lib/arachni/utilities.rb:425:in `exception_jail'
 [-] [utilities#exception_jail:428] Client: /usr/share/arachni/lib/arachni/http/client.rb:635:in `client_run'
 [-] [utilities#exception_jail:428] Client: /usr/share/arachni/lib/arachni/http/client.rb:516:in `run_and_update_statistics'
 [-] [utilities#exception_jail:428] Client: /usr/share/arachni/lib/arachni/http/client.rb:224:in `block in run'
 [-] [utilities#exception_jail:428] Client: /usr/share/arachni/lib/arachni/utilities.rb:425:in `exception_jail'
 [-] [utilities#exception_jail:428] Client: /usr/share/arachni/lib/arachni/http/client.rb:220:in `run'
 [-] [utilities#exception_jail:428] Client: /usr/share/arachni/lib/arachni/framework/parts/data.rb:160:in `pop_page_from_url_queue'
 [-] [utilities#exception_jail:428] Client: /usr/share/arachni/lib/arachni/framework/parts/data.rb:107:in `pop_page'
 [-] [utilities#exception_jail:428] Client: /usr/share/arachni/lib/arachni/framework/parts/audit.rb:219:in `audit_queues'
 [-] [utilities#exception_jail:428] Client: /usr/share/arachni/lib/arachni/framework/parts/audit.rb:202:in `block in audit'
 [-] [utilities#exception_jail:428] Client: /usr/share/arachni/lib/arachni/framework/parts/audit.rb:177:in `loop'
 [-] [utilities#exception_jail:428] Client: /usr/share/arachni/lib/arachni/framework/parts/audit.rb:177:in `audit'
 [-] [utilities#exception_jail:428] Client: /usr/share/arachni/lib/arachni/framework.rb:117:in `block in run'
 [-] [utilities#exception_jail:428] Client: /usr/share/arachni/lib/arachni/utilities.rb:425:in `exception_jail'
 [-] [utilities#exception_jail:428] Client: /usr/share/arachni/lib/arachni/framework.rb:117:in `run'
 [-] [utilities#exception_jail:428] Client: /usr/share/arachni/ui/cli/framework.rb:80:in `block in run'
 [-] [utilities#exception_jail:429] Client:
 [-] [utilities#exception_jail:430] Client: Parent:
 [-] [utilities#exception_jail:431] Client: Arachni::HTTP::Client
 [-] [utilities#exception_jail:432] Client:
 [-] [utilities#exception_jail:433] Client: Block:
 [-] [utilities#exception_jail:434] Client: #<Proc:0x000055c4d20fe820@/usr/share/arachni/lib/arachni/http/client.rb:635>
 [-] [utilities#exception_jail:435] Client:
 [-] [utilities#exception_jail:436] Client: Caller:
 [-] [utilities#exception_jail:437] Client: /usr/share/arachni/lib/arachni/utilities.rb:424:in `exception_jail'
 [-] [utilities#exception_jail:437] Client: /usr/share/arachni/lib/arachni/http/client.rb:635:in `client_run'
 [-] [utilities#exception_jail:437] Client: /usr/share/arachni/lib/arachni/http/client.rb:516:in `run_and_update_statistics'
 [-] [utilities#exception_jail:437] Client: /usr/share/arachni/lib/arachni/http/client.rb:224:in `block in run'
 [-] [utilities#exception_jail:437] Client: /usr/share/arachni/lib/arachni/utilities.rb:425:in `exception_jail'
 [-] [utilities#exception_jail:437] Client: /usr/share/arachni/lib/arachni/http/client.rb:220:in `run'
 [-] [utilities#exception_jail:437] Client: /usr/share/arachni/lib/arachni/framework/parts/data.rb:160:in `pop_page_from_url_queue'
 [-] [utilities#exception_jail:437] Client: /usr/share/arachni/lib/arachni/framework/parts/data.rb:107:in `pop_page'
 [-] [utilities#exception_jail:437] Client: /usr/share/arachni/lib/arachni/framework/parts/audit.rb:219:in `audit_queues'
 [-] [utilities#exception_jail:437] Client: /usr/share/arachni/lib/arachni/framework/parts/audit.rb:202:in `block in audit'
 [-] [utilities#exception_jail:437] Client: /usr/share/arachni/lib/arachni/framework/parts/audit.rb:177:in `loop'
 [-] [utilities#exception_jail:437] Client: /usr/share/arachni/lib/arachni/framework/parts/audit.rb:177:in `audit'
 [-] [utilities#exception_jail:437] Client: /usr/share/arachni/lib/arachni/framework.rb:117:in `block in run'
 [-] [utilities#exception_jail:437] Client: /usr/share/arachni/lib/arachni/utilities.rb:425:in `exception_jail'
 [-] [utilities#exception_jail:437] Client: /usr/share/arachni/lib/arachni/framework.rb:117:in `run'
 [-] [utilities#exception_jail:437] Client: /usr/share/arachni/ui/cli/framework.rb:80:in `block in run'
 [-] [utilities#exception_jail:438] Client: --------------------------------------------------------------------------------







































================================================================================


 [+] Web Application Security Report - Arachni Framework

 [~] Report generated on: 2019-10-10 16:37:50 +0200
 [~] Report false positives at: http://github.com/Arachni/arachni/issues

 [+] System settings:
 [~] ---------------
 [~] Version: 1.5.1
 [~] Seed: 04a23d6ac7657e0fff9ac32fe506e25a
 [~] Audit started on: 2019-10-10 16:37:50 +0200
 [~] Audit finished on: 2019-10-10 16:37:50 +0200
 [~] Runtime: 00:00:00

 [~] URL: https://www.google.com/
 [~] User agent: Arachni/v1.5.1

 [*] Audited elements:
 [~] * Links
 [~] * Forms
 [~] * Cookies
 [~] * XMLs
 [~] * JSONs
 [~] * UI inputs
 [~] * UI forms

 [*] Checks: file_inclusion, no_sql_injection_differential, sql_injection_timing, unvalidated_redirect, xss_dom, xss_dom_script_context, xss_event, xss_script_context, xss_path, xpath_injection, os_cmd_injection_timing, session_fixation, xss_tag, path_traversal, unvalidated_redirect_dom, xss, csrf, sql_injection_differential, ldap_injection, no_sql_injection, response_splitting, code_injection, rfi, code_injection_php_input_wrapper, sql_injection, code_injection_timing, trainer, os_cmd_injection, xxe, source_code_disclosure, xst, common_admin_interfaces, backup_directories, interesting_responses, insecure_cross_domain_policy_headers, insecure_client_access_policy, webdav, common_directories, htaccess_limit, origin_spoof_access_restriction_bypass, common_files, localstart_asp, directory_listing, credit_card, insecure_cors_policy, captcha, emails, hsts, cookie_set_for_parent_domain, cvs_svn_users, html_objects, ssn, password_autocomplete, insecure_cookies, private_ip, x_frame_options, mixed_resource, http_only_cookies, unencrypted_password_forms, form_upload, backdoors, http_put, backup_files, allowed_methods, insecure_cross_domain_policy_access

 [~] ===========================

 [+] 0 issues were detected.


 [~] Report saved at: /usr/share/arachni/bin/www.google.com 2019-10-10 16_37_50 +0200.afr [0.0MB]
 [~] The scan has logged errors: /usr/share/arachni/logs/error-17473.log

 [~] Audited 0 page snapshots.

 [~] Duration: 00:00:00
 [~] Processed 0/2 HTTP requests.
 [~] -- 0 requests/second.
 [~] Processed 0/0 browser jobs.
 [~] -- 0 second/job.

 [~] Burst response time sum 0 seconds
 [~] Burst response count 0
 [~] Burst average response time 0 seconds
 [~] Burst average 0 requests/second
 [~] Timed-out requests 0
 [~] Original max concurrency 20
 [~] Throttled max concurrency 20
Additional InformationLinux Anubis 5.2.0-kali3-amd64 0000001 SMP Debian 5.2.17-1kali1 (2019-09-27) x86_64 GNU/Linux

Last update: #cat /var/log/apt/history.log | grep -B 1 -i "apt full-upgrade" | tail -2
Start-Date: 2019-10-10 16:35:48
Commandline: apt full-upgrade

Activities

There are no notes attached to this issue.

Issue History

Date Modified Username Field Change
2019-10-10 14:49 crash New Issue