Small white diary 31:kali Penetration Testing Web penetration-scanning Tool-arachni

Scan Tool-arachni

Kali integrates the old Arachni in castrated version, so need to reinstall "In some respects has its uniqueness, but not very powerful, there are command line and web two ways to use" "Anonymous recommended"

Apt-get Update

http://www.arachni-scanner.com/download/#Linux

Tar xvf arachni.tar.gz

./arachni_console #进入命令行模式

./arachni_web #启用web服务, enter web operation mode "belongs to Web Application"

http://localhost:9292/

· [email protected]/administrator #web界面的登录账号密码

SCAN "Default integration of 3 profiles"

Advanced Options "Arachni's uniqueness: Support for distributed scanning"

Results analysis

1. Resetting the database "server configuration Aspects"

2. HTTP TRACE "may cause XSS"

3. Forms transmitted in clear text

4. Common Catalogue

5. Backup configuration file

Generally not directly accessible, in the PHP site, you can view the server side of the file content "normal PHP code will not be directly downloaded by the browser"

# # #常用方法: path +?-s can view most PHP server-side code "Get code, you can do code audit"

User "Use Users"

# #arachni的cookie信息会在一定时间内变化 "Identity authentication to protect against cookie information"

Dispatchers dispatching "remote and grid for advanced options"

You need to use commands to implement

Remote

./ARACHNI_RPCD--address=127.0.0.1--port=1111--nickname=test1 #指定IP Specify port nickname settings

Grid

./ARACHNI_RPCD--address=127.0.0.1--nickname=test2--neighbour=127.0.0.1:1111 #neighbour加入组, by specifying neighbour, forming groups " It is not recommended to point to a neighbour "

Profiles "Scan configuration file (customizable)"

Small white diary 31:kali Penetration Testing Web penetration-scanning Tool-arachni