Go to Top

Arachni 0.4.3.1- 0.4.1.1 bugfix release

Hey folks,

You gave me some greatly appreciated feedback for 0.4.3-0.4.1 and this bugfix release is my response. It doesn’t contain anything earth-shattering but merely sorts out a few pesky issues. More specifically:

Framework v0.4.3.1

Plugins

AutoLogin

This plugin wasn’t as thorough as it should have been and didn’t keep track of all exchanged cookies; that meant that the login operation would fail under certain circumstances.

Proxy

For some reason the proxy plugin was unable to load properly when Arachni was being run from a Rails env — due to some namespace Ruby quirk.

Modules

Path traversal

Added more fingerprints for /etc/passwd, looking for a mail account instead of only root.

Web User Interface v0.4.1.1

Login screen

The top-level menu auto-refreshes to display the latest data (scan progress, notification, etc.) however that isn’t applicable when the user is not logged in. The auto-refresh behavior has now been updated to be enabled for logged in user only.

Scan monitoring – error log

The scan monitoring page should show an error-log when the scan has encountered errors, however that wasn’t happening because the system was failing to store error-messages retrieved over RPC.

Enjoy. :)

Cheers,

Tasos L.

, , , , , , , , , ,

About Tasos Laskos

CEO of Sarosys LLC, founder and lead developer of Arachni.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.