arachni手册

[b]快速开始[/b]
[b]帮助[/b]
使用-h来查看arachni功能
arachni -h
当扫描进行时,可以使用回车键来暂停/恢复,中断,延缓执行,以及查看一个发现的问题的总结。
可以这样运行arachni:
arachni http://test.com

将会加载所有的checks,在/plugins/defaults下的插件,审计所有的表单,链接以及cookie。
下面的例子中,将会使用所有的的checks,审计链接/表单/cookie,跟随子域名,以及显示各种信息来扫描http://test.com。结果将会保存在test.com.afr文件中:
arachni --output-verbose --scope-include-subdomains http://test.com --report-save-path=test.com.afr


afr文件可以用于生成几种文件格式的报告,例如:
arachni_reporter test.com.afr --report=html:outfile=my_report.html


查看报告的组件:
arachni_reporter --reporters-list

[color=blue]使用*和-简化加载checks过程:[/color]

使用*来加载所有的xss checks:
arachni http://example.net --checks=xss*


使用*来加载所有的主动checks:
arachni http://example.net --checks=active/*


只排除csrf check:
arachni http://example.net --checks=*,-csrf

更多资源查看:[url]http://support.arachni-scanner.com/kb/general-use[/url]和
http://support.arachni-scanner.com/kb/


[b]命令手册:[/b]
[b]通用[/b]
[color=blue]版本:(--version)[/color]

Expects:

Default: disabled

Multiple invocations?: no

输出arachni的banner和版本信息

[color=blue]授权来自 (--authorized-by)[/color]

Expects: string

Default: disabled

Multiple invocations?: no

传到这个参数的字符串将会被用于HTTP头中的From域的值。其值应该是授权扫描人的邮件

[b]输出[/b]

[color=blue]额外信息 (--output-verbose)[/color]

Expects:

Default: disabled

Multiple invocations?: no

当允许冗余信息,arachni将会输出整个过程中的细节信息。
例如:
arachni --audit-forms --checks=xss http://testfire.net/ --scope-page-limit=1

将会加载xss checks以及审计所有的表单来扫描http://testfire.net/
[color=blue]冗余信息关闭[/color]
上述运行中没有--output-verbose标志位
arachni输出信息分为几类,每一类都有一个不同颜色的前缀:
[color=cyan][*] 状态信息
[~] 情报信息
[+] 成功信息
[v] 冗余信息
[!] 调试信息
[-] 错误信息[/color]
我们不讨论颜色问题
[quote]Arachni - Web Application Security Scanner Framework v1.0
Author: Tasos "Zapotek" Laskos

(With the support of the community and the Arachni Team.)

Website: http://arachni-scanner.com
Documentation: http://arachni-scanner.com/wiki


[*] Initializing...
[*] Waiting for plugins to settle...
[*] BrowserCluster: Initializing 6 browsers...
[*] BrowserCluster: Initialization completed with 6 browsers in the pool.

[*] [HTTP: 200] http://testfire.net/
[~] Identified as: windows, iis, asp, aspx
[~] Analysis resulted in 0 usable paths.
[~] DOM depth: 0 (Limit: 10)
[*] XSS: Auditing form input 'txtSearch' pointing to: 'http://testfire.net/search.aspx'
[*] XSS: Submitting form with original values for txtSearch at 'http://testfire.net/search.aspx'.
[*] XSS: Submitting form with sample values for txtSearch at 'http://testfire.net/search.aspx'.
[*] XSS: Auditing form input 'txtSearch' pointing to: 'http://testfire.net/search.aspx'
[*] XSS: Auditing form input 'txtSearch' pointing to: 'http://testfire.net/search.aspx'
[*] Harvesting HTTP responses...
[~] Depending on server responsiveness and network conditions this may take a while.
[*] XSS: Analyzing response #2...
[~] XSS: Response is tainted, looking for proof of vulnerability.
[+] XSS: In form input 'txtSearch' with action http://testfire.net/search.aspx
[*] XSS: Analyzing response #3...
[*] XSS: Analyzing response #4...
[*] XSS: Analyzing response #5...
[~] XSS: Response is tainted, looking for proof of vulnerability.
[+] XSS: In form input 'txtSearch' with action http://testfire.net/search.aspx
[*] XSS: Analyzing response #6...
[~] XSS: Response is tainted, looking for proof of vulnerability.
[+] XSS: In form input 'txtSearch' with action http://testfire.net/search.aspx[/quote]
[color=blue]冗余信息模式开启[/color]
观察这次运行中的额外信息:
[v]信息是额外信息
[quote]$ arachni --audit-forms --checks=xss http://testfire.net/ --scope-page-limit=1 [color=green]--output-verbose[/color]
Arachni - Web Application Security Scanner Framework v1.0
Author: Tasos "Zapotek" Laskos

(With the support of the community and the Arachni Team.)

Website: http://arachni-scanner.com
Documentation: http://arachni-scanner.com/wiki


[*] Initializing...
[*] Waiting for plugins to settle...
[*] BrowserCluster: Initializing 6 browsers...
[*] BrowserCluster: Initialization completed with 6 browsers in the pool.

[*] [HTTP: 200] http://testfire.net/
[~] Identified as: windows, iis, asp, aspx
[~] Analysis resulted in 0 usable paths.
[~] DOM depth: 0 (Limit: 10)
[*] XSS: Auditing form input 'txtSearch' pointing to: 'http://testfire.net/search.aspx'
[v] XSS: --> With: "" -> "arachni_text"
[*] XSS: Submitting form with original values for txtSearch at 'http://testfire.net/search.aspx'.
[v] XSS: --> With: nil -> ""
[*] XSS: Submitting form with sample values for txtSearch at 'http://testfire.net/search.aspx'.
[v] XSS: --> With: nil -> ""
[*] XSS: Auditing form input 'txtSearch' pointing to: 'http://testfire.net/search.aspx'
[v] XSS: --> With: "()\"&%1'-;'" -> "arachni_text()\"&%1'-;'"
[*] XSS: Auditing form input 'txtSearch' pointing to: 'http://testfire.net/search.aspx'
[v] XSS: --> With: "-->

你可能感兴趣的:(linux,web,渗透测试,arachni)