View Issue Details

ID: 0005737
Project: Kali Linux
Category: General Bug
View Status: public
Last Update: 2020-12-01 10:41
Reporter: crash
Assigned To:
Priority: normal
Severity: major
Reproducibility: sometimes
Status: closed
Resolution: open
Product Version: 2019.3
Summary: 0005737: Arachni hangs for certain sites
Description

Arachni hangs for certain sites

Steps To Reproduce

Just run arachni against google for example:

#arachni https://www.google.com
Arachni - Web Application Security Scanner Framework v1.5.1
Author: Tasos "Zapotek" Laskos <[email protected]>

       (With the support of the community and the Arachni Team.)

Website: http://arachni-scanner.com
Documentation: http://arachni-scanner.com/wiki

[~] No checks were specified, loading all.
[~] No element audit options were specified, will audit links, forms, cookies, UI inputs, UI forms, JSONs and XMLs.

[*] Initializing...
[*] Preparing plugins...
[*] ... done.
[-] [utilities#exception_jail:428] Client: [NoMethodError] undefined method `strip' for nil:NilClass
[-] [utilities#exception_jail:428] Client: /usr/share/arachni/vendor/bundle/ruby/2.5.0/gems/typhoeus-1.0.2/lib/typhoeus/response/header.rb:49:in `process_line'
[-] [utilities#exception_jail:428] Client: /usr/share/arachni/vendor/bundle/ruby/2.5.0/gems/typhoeus-1.0.2/lib/typhoeus/response/header.rb:37:in `block in parse'
[-] [utilities#exception_jail:428] Client: /usr/share/arachni/vendor/bundle/ruby/2.5.0/gems/typhoeus-1.0.2/lib/typhoeus/response/header.rb:35:in `each'
[-] [utilities#exception_jail:428] Client: /usr/share/arachni/vendor/bundle/ruby/2.5.0/gems/typhoeus-1.0.2/lib/typhoeus/response/header.rb:35:in `parse'
[-] [utilities#exception_jail:428] Client: /usr/share/arachni/vendor/bundle/ruby/2.5.0/gems/typhoeus-1.0.2/lib/typhoeus/response/header.rb:20:in `initialize'
[-] [utilities#exception_jail:428] Client: /usr/share/arachni/vendor/bundle/ruby/2.5.0/gems/typhoeus-1.0.2/lib/typhoeus/response/informations.rb:226:in `new'
[-] [utilities#exception_jail:428] Client: /usr/share/arachni/vendor/bundle/ruby/2.5.0/gems/typhoeus-1.0.2/lib/typhoeus/response/informations.rb:226:in `headers'
[-] [utilities#exception_jail:428] Client: /usr/share/arachni/lib/arachni/http/response.rb:317:in `from_typhoeus'
[-] [utilities#exception_jail:428] Client: /usr/share/arachni/lib/arachni/http/request.rb:659:in `set_response_data'
[-] [utilities#exception_jail:428] Client: /usr/share/arachni/lib/arachni/http/request.rb:643:in `block in to_typhoeus'
[-] [utilities#exception_jail:428] Client: /usr/share/arachni/vendor/bundle/ruby/2.5.0/gems/typhoeus-1.0.2/lib/typhoeus/request/callbacks.rb:128:in `block in execute_callbacks'
[-] [utilities#exception_jail:428] Client: /usr/share/arachni/vendor/bundle/ruby/2.5.0/gems/typhoeus-1.0.2/lib/typhoeus/request/callbacks.rb:127:in `each'
[-] [utilities#exception_jail:428] Client: /usr/share/arachni/vendor/bundle/ruby/2.5.0/gems/typhoeus-1.0.2/lib/typhoeus/request/callbacks.rb:127:in `execute_callbacks'
[-] [utilities#exception_jail:428] Client: /usr/share/arachni/vendor/bundle/ruby/2.5.0/gems/typhoeus-1.0.2/lib/typhoeus/request/operations.rb:35:in `finish'
[-] [utilities#exception_jail:428] Client: /usr/share/arachni/vendor/bundle/ruby/2.5.0/gems/typhoeus-1.0.2/lib/typhoeus/easy_factory.rb:159:in `block in set_callback'
[-] [utilities#exception_jail:428] Client: /usr/share/arachni/vendor/bundle/ruby/2.5.0/gems/ethon-0.11.0/lib/ethon/easy/response_callbacks.rb:68:in `block in complete'
[-] [utilities#exception_jail:428] Client: /usr/share/arachni/vendor/bundle/ruby/2.5.0/gems/ethon-0.11.0/lib/ethon/easy/response_callbacks.rb:68:in `each'
[-] [utilities#exception_jail:428] Client: /usr/share/arachni/vendor/bundle/ruby/2.5.0/gems/ethon-0.11.0/lib/ethon/easy/response_callbacks.rb:68:in `complete'
[-] [utilities#exception_jail:428] Client: /usr/share/arachni/vendor/bundle/ruby/2.5.0/gems/ethon-0.11.0/lib/ethon/multi/operations.rb:151:in `check'
[-] [utilities#exception_jail:428] Client: /usr/share/arachni/vendor/bundle/ruby/2.5.0/gems/ethon-0.11.0/lib/ethon/multi/operations.rb:164:in `run'
[-] [utilities#exception_jail:428] Client: /usr/share/arachni/vendor/bundle/ruby/2.5.0/gems/ethon-0.11.0/lib/ethon/multi/operations.rb:43:in `perform'
[-] [utilities#exception_jail:428] Client: /usr/share/arachni/vendor/bundle/ruby/2.5.0/gems/typhoeus-1.0.2/lib/typhoeus/hydra/runnable.rb:15:in `run'
[-] [utilities#exception_jail:428] Client: /usr/share/arachni/vendor/bundle/ruby/2.5.0/gems/typhoeus-1.0.2/lib/typhoeus/hydra/memoizable.rb:51:in `run'
[-] [utilities#exception_jail:428] Client: /usr/share/arachni/lib/arachni/http/client.rb:635:in `block in client_run'
[-] [utilities#exception_jail:428] Client: /usr/share/arachni/lib/arachni/utilities.rb:425:in `exception_jail'
[-] [utilities#exception_jail:428] Client: /usr/share/arachni/lib/arachni/http/client.rb:635:in `client_run'
[-] [utilities#exception_jail:428] Client: /usr/share/arachni/lib/arachni/http/client.rb:516:in `run_and_update_statistics'
[-] [utilities#exception_jail:428] Client: /usr/share/arachni/lib/arachni/http/client.rb:224:in `block in run'
[-] [utilities#exception_jail:428] Client: /usr/share/arachni/lib/arachni/utilities.rb:425:in `exception_jail'
[-] [utilities#exception_jail:428] Client: /usr/share/arachni/lib/arachni/http/client.rb:220:in `run'
[-] [utilities#exception_jail:428] Client: /usr/share/arachni/lib/arachni/framework/parts/data.rb:160:in `pop_page_from_url_queue'
[-] [utilities#exception_jail:428] Client: /usr/share/arachni/lib/arachni/framework/parts/data.rb:107:in `pop_page'
[-] [utilities#exception_jail:428] Client: /usr/share/arachni/lib/arachni/framework/parts/audit.rb:219:in `audit_queues'
[-] [utilities#exception_jail:428] Client: /usr/share/arachni/lib/arachni/framework/parts/audit.rb:202:in `block in audit'
[-] [utilities#exception_jail:428] Client: /usr/share/arachni/lib/arachni/framework/parts/audit.rb:177:in `loop'
[-] [utilities#exception_jail:428] Client: /usr/share/arachni/lib/arachni/framework/parts/audit.rb:177:in `audit'
[-] [utilities#exception_jail:428] Client: /usr/share/arachni/lib/arachni/framework.rb:117:in `block in run'
[-] [utilities#exception_jail:428] Client: /usr/share/arachni/lib/arachni/utilities.rb:425:in `exception_jail'
[-] [utilities#exception_jail:428] Client: /usr/share/arachni/lib/arachni/framework.rb:117:in `run'
[-] [utilities#exception_jail:428] Client: /usr/share/arachni/ui/cli/framework.rb:80:in `block in run'
[-] [utilities#exception_jail:429] Client:
[-] [utilities#exception_jail:430] Client: Parent:
[-] [utilities#exception_jail:431] Client: Arachni::HTTP::Client
[-] [utilities#exception_jail:432] Client:
[-] [utilities#exception_jail:433] Client: Block:
[-] [utilities#exception_jail:434] Client: #<Proc:0x000055c4d20fe820@/usr/share/arachni/lib/arachni/http/client.rb:635>
[-] [utilities#exception_jail:435] Client:
[-] [utilities#exception_jail:436] Client: Caller:
[-] [utilities#exception_jail:437] Client: /usr/share/arachni/lib/arachni/utilities.rb:424:in `exception_jail'
[-] [utilities#exception_jail:437] Client: /usr/share/arachni/lib/arachni/http/client.rb:635:in `client_run'
[-] [utilities#exception_jail:437] Client: /usr/share/arachni/lib/arachni/http/client.rb:516:in `run_and_update_statistics'
[-] [utilities#exception_jail:437] Client: /usr/share/arachni/lib/arachni/http/client.rb:224:in `block in run'
[-] [utilities#exception_jail:437] Client: /usr/share/arachni/lib/arachni/utilities.rb:425:in `exception_jail'
[-] [utilities#exception_jail:437] Client: /usr/share/arachni/lib/arachni/http/client.rb:220:in `run'
[-] [utilities#exception_jail:437] Client: /usr/share/arachni/lib/arachni/framework/parts/data.rb:160:in `pop_page_from_url_queue'
[-] [utilities#exception_jail:437] Client: /usr/share/arachni/lib/arachni/framework/parts/data.rb:107:in `pop_page'
[-] [utilities#exception_jail:437] Client: /usr/share/arachni/lib/arachni/framework/parts/audit.rb:219:in `audit_queues'
[-] [utilities#exception_jail:437] Client: /usr/share/arachni/lib/arachni/framework/parts/audit.rb:202:in `block in audit'
[-] [utilities#exception_jail:437] Client: /usr/share/arachni/lib/arachni/framework/parts/audit.rb:177:in `loop'
[-] [utilities#exception_jail:437] Client: /usr/share/arachni/lib/arachni/framework/parts/audit.rb:177:in `audit'
[-] [utilities#exception_jail:437] Client: /usr/share/arachni/lib/arachni/framework.rb:117:in `block in run'
[-] [utilities#exception_jail:437] Client: /usr/share/arachni/lib/arachni/utilities.rb:425:in `exception_jail'
[-] [utilities#exception_jail:437] Client: /usr/share/arachni/lib/arachni/framework.rb:117:in `run'
[-] [utilities#exception_jail:437] Client: /usr/share/arachni/ui/cli/framework.rb:80:in `block in run'
[-] [utilities#exception_jail:438] Client: --------------------------------------------------------------------------------

================================================================================

[+] Web Application Security Report - Arachni Framework

[~] Report generated on: 2019-10-10 16:37:50 +0200
[~] Report false positives at: http://github.com/Arachni/arachni/issues

[+] System settings:
[~] ---------------
[~] Version: 1.5.1
[~] Seed: 04a23d6ac7657e0fff9ac32fe506e25a
[~] Audit started on: 2019-10-10 16:37:50 +0200
[~] Audit finished on: 2019-10-10 16:37:50 +0200
[~] Runtime: 00:00:00

[~] URL: https://www.google.com/
[~] User agent: Arachni/v1.5.1

[*] Audited elements:
[~] * Links
[~] * Forms
[~] * Cookies
[~] * XMLs
[~] * JSONs
[~] * UI inputs
[~] * UI forms

[*] Checks: file_inclusion, no_sql_injection_differential, sql_injection_timing, unvalidated_redirect, xss_dom, xss_dom_script_context, xss_event, xss_script_context, xss_path, xpath_injection, os_cmd_injection_timing, session_fixation, xss_tag, path_traversal, unvalidated_redirect_dom, xss, csrf, sql_injection_differential, ldap_injection, no_sql_injection, response_splitting, code_injection, rfi, code_injection_php_input_wrapper, sql_injection, code_injection_timing, trainer, os_cmd_injection, xxe, source_code_disclosure, xst, common_admin_interfaces, backup_directories, interesting_responses, insecure_cross_domain_policy_headers, insecure_client_access_policy, webdav, common_directories, htaccess_limit, origin_spoof_access_restriction_bypass, common_files, localstart_asp, directory_listing, credit_card, insecure_cors_policy, captcha, emails, hsts, cookie_set_for_parent_domain, cvs_svn_users, html_objects, ssn, password_autocomplete, insecure_cookies, private_ip, x_frame_options, mixed_resource, http_only_cookies, unencrypted_password_forms, form_upload, backdoors, http_put, backup_files, allowed_methods, insecure_cross_domain_policy_access

[~] ===========================

[+] 0 issues were detected.

[~] Report saved at: /usr/share/arachni/bin/www.google.com 2019-10-10 16_37_50 +0200.afr [0.0MB]
[~] The scan has logged errors: /usr/share/arachni/logs/error-17473.log

[~] Audited 0 page snapshots.

[~] Duration: 00:00:00
[~] Processed 0/2 HTTP requests.
[~] -- 0 requests/second.
[~] Processed 0/0 browser jobs.
[~] -- 0 second/job.

[~] Burst response time sum 0 seconds
[~] Burst response count 0
[~] Burst average response time 0 seconds
[~] Burst average 0 requests/second
[~] Timed-out requests 0
[~] Original max concurrency 20
[~] Throttled max concurrency 20

Additional Information

Linux Anubis 5.2.0-kali3-amd64 #1 SMP Debian 5.2.17-1kali1 (2019-09-27) x86_64 GNU/Linux

Last update: #cat /var/log/apt/history.log | grep -B 1 -i "apt full-upgrade" | tail -2
Start-Date: 2019-10-10 16:35:48
Commandline: apt full-upgrade

Activities

g0tmi1k

2020-12-01 10:41

administrator   ~0013842

This report has been filed against an old version of Kali. We will be closing this ticket due to inactivity.
Please could you see if you are able to replicate this issue with the latest version of Kali Linux (https://www.kali.org/downloads/)?
If you are still facing the same problem, feel free to re-open the ticket. If you choose to do this, could you provide more information to the issue you are facing, and also give information about your setup?
For more information, please read: https://kali.training/topic/filing-a-good-bug-report/

Issue History

Date Modified Username Field Change
2019-10-10 14:49 crash New Issue
2020-12-01 10:41 g0tmi1k Note Added: 0013842
2020-12-01 10:41 g0tmi1k Status new => closed