Error on all scans: unexpected response, code=301, content-type=""
Created by: bricex
I am seeing a consistent issue with all scans failing right away with the message '[Selenium::WebDriver::Error::WebDriverError] unexpected response, code=301, content-type=""'. I believe this might be proxy-related, as the server Arachni is installed on has the http_proxy/https_proxy environment variables set to an authenticated proxy server. When I unset these values I am able to scan internal HTTP addresses, but not HTTPS (presumably because of CRL checks requiring outbound proxy support). With no proxy set I see the errors "Giving up trying to audit" and "couldn't get a response after 5 tries".
I have confirmed that the proxy settings, when set, are correct. I am also using a self-signed certificate on the primary site I wish to scan, but from what I have observed this doesn't seem to be a factor.
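The output below is from a scan run with the proxy values set; the backtrace shows the error being raised while the Selenium WebDriver session is created (`create_session`) during browser cluster initialization. I also tried configuring the proxy within Arachni itself (HTTP options) but got the same results.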
Any help with troubleshooting this further would be greatly appreciated.
2015-01-28 11:37:42 -0600 --------------------------------------------------------------------------------
ENV:
---
REMOTEHOST: brice-dev.bricex.com
XDG_SESSION_ID: c3
rvm_bin_path: "/home/labs/.rvm/bin"
GEM_HOME: "/home/labs/arachni-1.0.6-0.5.6/system/gems"
TERM: xterm
SHELL: "/bin/bash"
IRBRC: "/home/labs/arachni-1.0.6-0.5.6/bin/../system/usr/lib/ruby/.irbrc"
HUSHLOGIN: 'FALSE'
MY_RUBY_HOME: "/home/labs/arachni-1.0.6-0.5.6/bin/../system/usr/lib/ruby"
USER: labs
http_proxy: http://A320060:-4t%3F67*swechawR!zeme@10.10.5.18:8080/
LD_LIBRARY_PATH: "/home/labs/arachni-1.0.6-0.5.6/bin/../system/usr/lib"
LS_COLORS: 'rs=0:di=01;34:ln=01;36:mh=00:pi=40;33:so=01;35:do=01;35:bd=40;33;01:cd=40;33;01:or=40;31;01:su=37;41:sg=30;43:ca=30;41:tw=30;42:ow=34;42:st=37;44:ex=01;32:*.tar=01;31:*.tgz=01;31:*.arj=01;31:*.taz=01;31:*.lzh=01;31:*.lzma=01;31:*.tlz=01;31:*.txz=01;31:*.zip=01;31:*.z=01;31:*.Z=01;31:*.dz=01;31:*.gz=01;31:*.lz=01;31:*.xz=01;31:*.bz2=01;31:*.bz=01;31:*.tbz=01;31:*.tbz2=01;31:*.tz=01;31:*.deb=01;31:*.rpm=01;31:*.jar=01;31:*.war=01;31:*.ear=01;31:*.sar=01;31:*.rar=01;31:*.ace=01;31:*.zoo=01;31:*.cpio=01;31:*.7z=01;31:*.rz=01;31:*.jpg=01;35:*.jpeg=01;35:*.gif=01;35:*.bmp=01;35:*.pbm=01;35:*.pgm=01;35:*.ppm=01;35:*.tga=01;35:*.xbm=01;35:*.xpm=01;35:*.tif=01;35:*.tiff=01;35:*.png=01;35:*.svg=01;35:*.svgz=01;35:*.mng=01;35:*.pcx=01;35:*.mov=01;35:*.mpg=01;35:*.mpeg=01;35:*.m2v=01;35:*.mkv=01;35:*.webm=01;35:*.ogm=01;35:*.mp4=01;35:*.m4v=01;35:*.mp4v=01;35:*.vob=01;35:*.qt=01;35:*.nuv=01;35:*.wmv=01;35:*.asf=01;35:*.rm=01;35:*.rmvb=01;35:*.flc=01;35:*.avi=01;35:*.fli=01;35:*.flv=01;35:*.gl=01;35:*.dl=01;35:*.xcf=01;35:*.xwd=01;35:*.yuv=01;35:*.cgm=01;35:*.emf=01;35:*.axv=01;35:*.anx=01;35:*.ogv=01;35:*.ogx=01;35:*.aac=00;36:*.au=00;36:*.flac=00;36:*.mid=00;36:*.midi=00;36:*.mka=00;36:*.mp3=00;36:*.mpc=00;36:*.ogg=00;36:*.ra=00;36:*.wav=00;36:*.axa=00;36:*.oga=00;36:*.spx=00;36:*.xspf=00;36:'
_system_type: Linux
rvm_path: "/home/labs/.rvm"
rvm_prefix: "/home/labs"
PATH: "/home/labs/arachni-1.0.6-0.5.6/system/gems/bin:/home/labs/arachni-1.0.6-0.5.6/bin/../system/../bin:/home/labs/arachni-1.0.6-0.5.6/bin/../system/usr/bin:/home/labs/arachni-1.0.6-0.5.6/bin/../system/gems/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/home/labs/.rvm/bin"
MAIL: "/var/mail/labs"
QT_QPA_PLATFORMTHEME: appmenu-qt5
PWD: "/home/labs/arachni-1.0.6-0.5.6/bin"
ARACHNI_WEBUI_LOGDIR: "/home/labs/arachni-1.0.6-0.5.6/bin/../system/logs/webui"
LANG: en_US.UTF-8
ARACHNI_FRAMEWORK_LOGDIR: "/home/labs/arachni-1.0.6-0.5.6/bin/../system/logs/framework"
_system_arch: x86_64
_system_version: '14.04'
https_proxy: http://A320060:-4t%3F67*swechawR!zeme@10.10.5.18:8080/
rvm_version: 1.26.9 (master)
HOME: "/home/labs"
SHLVL: '1'
RAILS_ENV: production
DYLD_LIBRARY_PATH: "/home/labs/arachni-1.0.6-0.5.6/bin/../system/usr/lib:"
LOGNAME: labs
GEM_PATH: "/home/labs/arachni-1.0.6-0.5.6/bin/../system/gems"
LESSOPEN: "| /usr/bin/lesspipe %s"
XDG_RUNTIME_DIR: "/run/user/1000"
RUBYLIB: "/home/labs/arachni-1.0.6-0.5.6/system/gems/gems/bundler-1.7.8/lib:/home/labs/arachni-1.0.6-0.5.6/bin/../system/usr/lib/ruby:/home/labs/arachni-1.0.6-0.5.6/bin/../system/usr/lib/ruby/site_ruby/2.1.0:/home/labs/arachni-1.0.6-0.5.6/bin/../system/usr/lib/ruby/2.1.0:/home/labs/arachni-1.0.6-0.5.6/bin/../system/usr/lib/ruby/2.1.0/x86_64-linux:/home/labs/arachni-1.0.6-0.5.6/bin/../system/usr/lib/ruby/site_ruby/2.1.0/x86_64-linux"
RUBY_VERSION: ruby-2.1.5
LESSCLOSE: "/usr/bin/lesspipe %s %s"
_system_name: Ubuntu
RACK_ENV: development
BUNDLE_GEMFILE: "/home/labs/arachni-1.0.6-0.5.6/system/arachni-ui-web/Gemfile"
_ORIGINAL_GEM_PATH: "/home/labs/arachni-1.0.6-0.5.6/bin/../system/gems"
BUNDLE_BIN_PATH: "/home/labs/arachni-1.0.6-0.5.6/system/gems/gems/bundler-1.7.8/bin/bundle"
RUBYOPT: "-rbundler/setup"
MANPATH: "/home/labs/arachni-1.0.6-0.5.6/system/gems/gems/kramdown-1.4.1/man"
BUNDLE_ORIG_MANPATH: "/home/labs/arachni-1.0.6-0.5.6/system/gems/gems/kramdown-1.4.1/man"
--------------------------------------------------------------------------------
OPTIONS:
---
datastore:
token: 1c5fc3979540a46c88b21cf037193872
input:
values:
"(?i-mx:name)": arachni_name
"(?i-mx:user)": arachni_user
"(?i-mx:usr)": arachni_user
"(?i-mx:pass)": 5543!%arachni_secret
"(?i-mx:txt)": arachni_text
"(?i-mx:num)": '132'
"(?i-mx:amount)": '100'
"(?i-mx:mail)": arachni@email.gr
"(?i-mx:account)": '12'
"(?i-mx:id)": '1'
default_values:
"(?i-mx:name)": arachni_name
"(?i-mx:user)": arachni_user
"(?i-mx:usr)": arachni_user
"(?i-mx:pass)": 5543!%arachni_secret
"(?i-mx:txt)": arachni_text
"(?i-mx:num)": '132'
"(?i-mx:amount)": '100'
"(?i-mx:mail)": arachni@email.gr
"(?i-mx:account)": '12'
"(?i-mx:id)": '1'
without_defaults: true
force: false
browser_cluster:
pool_size: 6
job_timeout: 120
worker_time_to_live: 100
ignore_images: false
screen_width: 1600
screen_height: 1200
audit:
exclude_vector_patterns: []
include_vector_patterns: []
link_templates: []
links: true
forms: true
cookies: true
headers: false
with_both_http_methods: false
cookies_extensively: false
http:
user_agent: Arachni/v1.0.6
request_timeout: 50000
request_redirect_limit: 5
request_concurrency: 10
request_queue_size: 100
request_headers: {}
cookies: {}
scope:
redundant_path_patterns: {}
dom_depth_limit: 10
exclude_path_patterns: []
exclude_content_patterns: []
include_path_patterns: []
restrict_paths: []
extend_paths: []
url_rewrites: {}
include_subdomains: false
https_only: false
session: {}
checks:
- xss
- xss_dom
- xss_dom_inputs
- xss_dom_script_context
- xss_event
- xss_path
- xss_script_context
- xss_tag
platforms: []
plugins:
autothrottle:
discovery:
healthmap:
timing_attacks:
uniformity:
no_fingerprinting: false
authorized_by:
url: https://usa.cg.na.bricex.com/
--------------------------------------------------------------------------------
[2015-01-28 11:37:42 -0600] [Selenium::WebDriver::Error::WebDriverError] unexpected response, code=301, content-type=""
[2015-01-28 11:37:42 -0600] /home/labs/arachni-1.0.6-0.5.6/system/gems/gems/selenium-webdriver-2.44.0/lib/selenium/webdriver/remote/http/common.rb:66:in `create_response'
[2015-01-28 11:37:42 -0600] /home/labs/arachni-1.0.6-0.5.6/system/gems/gems/arachni-1.0.6/lib/arachni/selenium/webdriver/remote/http/typhoeus.rb:38:in `request'
[2015-01-28 11:37:42 -0600] /home/labs/arachni-1.0.6-0.5.6/system/gems/gems/selenium-webdriver-2.44.0/lib/selenium/webdriver/remote/http/common.rb:40:in `call'
[2015-01-28 11:37:42 -0600] /home/labs/arachni-1.0.6-0.5.6/system/gems/gems/selenium-webdriver-2.44.0/lib/selenium/webdriver/remote/bridge.rb:640:in `raw_execute'
[2015-01-28 11:37:42 -0600] /home/labs/arachni-1.0.6-0.5.6/system/gems/gems/selenium-webdriver-2.44.0/lib/selenium/webdriver/remote/bridge.rb:101:in `create_session'
[2015-01-28 11:37:42 -0600] /home/labs/arachni-1.0.6-0.5.6/system/gems/gems/selenium-webdriver-2.44.0/lib/selenium/webdriver/remote/bridge.rb:68:in `initialize'
[2015-01-28 11:37:42 -0600] /home/labs/arachni-1.0.6-0.5.6/system/gems/gems/selenium-webdriver-2.44.0/lib/selenium/webdriver/common/driver.rb:33:in `new'
[2015-01-28 11:37:42 -0600] /home/labs/arachni-1.0.6-0.5.6/system/gems/gems/selenium-webdriver-2.44.0/lib/selenium/webdriver/common/driver.rb:33:in `for'
[2015-01-28 11:37:42 -0600] /home/labs/arachni-1.0.6-0.5.6/system/gems/gems/selenium-webdriver-2.44.0/lib/selenium/webdriver.rb:67:in `for'
[2015-01-28 11:37:42 -0600] /home/labs/arachni-1.0.6-0.5.6/system/gems/gems/arachni-1.0.6/lib/arachni/browser.rb:879:in `selenium'
[2015-01-28 11:37:42 -0600] /home/labs/arachni-1.0.6-0.5.6/system/gems/gems/arachni-1.0.6/lib/arachni/browser.rb:155:in `initialize'
[2015-01-28 11:37:42 -0600] /home/labs/arachni-1.0.6-0.5.6/system/gems/gems/arachni-1.0.6/lib/arachni/browser_cluster/worker.rb:60:in `initialize'
[2015-01-28 11:37:42 -0600] /home/labs/arachni-1.0.6-0.5.6/system/gems/gems/arachni-1.0.6/lib/arachni/browser_cluster.rb:389:in `new'
[2015-01-28 11:37:42 -0600] /home/labs/arachni-1.0.6-0.5.6/system/gems/gems/arachni-1.0.6/lib/arachni/browser_cluster.rb:389:in `block in initialize_workers'
[2015-01-28 11:37:42 -0600] /home/labs/arachni-1.0.6-0.5.6/system/gems/gems/arachni-1.0.6/lib/arachni/browser_cluster.rb:388:in `times'
[2015-01-28 11:37:42 -0600] /home/labs/arachni-1.0.6-0.5.6/system/gems/gems/arachni-1.0.6/lib/arachni/browser_cluster.rb:388:in `initialize_workers'
[2015-01-28 11:37:42 -0600] /home/labs/arachni-1.0.6-0.5.6/system/gems/gems/arachni-1.0.6/lib/arachni/browser_cluster.rb:129:in `initialize'
[2015-01-28 11:37:42 -0600] /home/labs/arachni-1.0.6-0.5.6/system/gems/gems/arachni-1.0.6/lib/arachni/framework/parts/browser.rb:34:in `new'
[2015-01-28 11:37:42 -0600] /home/labs/arachni-1.0.6-0.5.6/system/gems/gems/arachni-1.0.6/lib/arachni/framework/parts/browser.rb:34:in `block in browser_cluster'
[2015-01-28 11:37:42 -0600] /home/labs/arachni-1.0.6-0.5.6/system/usr/lib/ruby/2.1.0/monitor.rb:211:in `mon_synchronize'
[2015-01-28 11:37:42 -0600] /home/labs/arachni-1.0.6-0.5.6/system/gems/gems/arachni-1.0.6/lib/arachni/framework/parts/browser.rb:29:in `browser_cluster'
[2015-01-28 11:37:42 -0600] /home/labs/arachni-1.0.6-0.5.6/system/gems/gems/arachni-1.0.6/lib/arachni/framework/parts/audit.rb:163:in `audit'
[2015-01-28 11:37:42 -0600] /home/labs/arachni-1.0.6-0.5.6/system/gems/gems/arachni-1.0.6/lib/arachni/framework.rb:120:in `block in run'
[2015-01-28 11:37:42 -0600] /home/labs/arachni-1.0.6-0.5.6/system/gems/gems/arachni-1.0.6/lib/arachni/utilities.rb:395:in `call'
[2015-01-28 11:37:42 -0600] /home/labs/arachni-1.0.6-0.5.6/system/gems/gems/arachni-1.0.6/lib/arachni/utilities.rb:395:in `exception_jail'
[2015-01-28 11:37:42 -0600] /home/labs/arachni-1.0.6-0.5.6/system/gems/gems/arachni-1.0.6/lib/arachni/framework.rb:120:in `run'
[2015-01-28 11:37:42 -0600] /home/labs/arachni-1.0.6-0.5.6/system/gems/gems/arachni-1.0.6/lib/arachni/rpc/server/framework.rb:154:in `block in run'
[2015-01-28 11:37:42 -0600]
[2015-01-28 11:37:42 -0600] Parent:
[2015-01-28 11:37:42 -0600] Arachni::RPC::Server::Framework
[2015-01-28 11:37:42 -0600]
[2015-01-28 11:37:42 -0600] Block:
[2015-01-28 11:37:42 -0600] #<Proc:0x000000046fb810@/home/labs/arachni-1.0.6-0.5.6/system/gems/gems/arachni-1.0.6/lib/arachni/framework.rb:120>
[2015-01-28 11:37:42 -0600]
[2015-01-28 11:37:42 -0600] Caller:
[2015-01-28 11:37:42 -0600] /home/labs/arachni-1.0.6-0.5.6/system/gems/gems/arachni-1.0.6/lib/arachni/utilities.rb:395:in `exception_jail'
[2015-01-28 11:37:42 -0600] /home/labs/arachni-1.0.6-0.5.6/system/gems/gems/arachni-1.0.6/lib/arachni/framework.rb:120:in `run'
[2015-01-28 11:37:42 -0600] /home/labs/arachni-1.0.6-0.5.6/system/gems/gems/arachni-1.0.6/lib/arachni/rpc/server/framework.rb:154:in `block in run'
[2015-01-28 11:37:42 -0600] --------------------------------------------------------------------------------