Cannot find any vulnerability after scan!! #77
Comments
Nishtha04
changed the title
|
@Nishtha04 I also did same thing. I installed jackhammer through docker and local setup also. |
|
I have fixed few small issues by myself, but no use. |
|
@Nishtha04 : What i found in docker build the issue is something which is related to selenium driver version . and seen the sidekiq logs it is unable to generate reports. |
|
I am setting it up in Mac os.. really don't know about local setup |
|
can you please let me know which scan your is running ? and what is status of scan ? . could you please share scan logs |
|
I have done multiple scans..Network, web and code review. Status was scanning started and then Re-scan was coming with no results. But if I run nmap or test web app manually, there are vulnerabilities. Below is the scan log for network. The log file for web app scan is empty.
I have replaced IP address with * |
|
@kmadhusudhan any update? |
|
where did you run the tools? inside docker or local system? |
|
inside docker only |
|
@kmadhusudhan any update? |
|
@Nishtha04 i did not find any issues in logs . could please let me know with examples where i can identify problem with jackhammer scanning against manual scanning ? |
|
@Nishtha04 jackhammer is working ?? is it scanning the application and showing any vulnarabilities in application?? |
|
@sampathmende yeah it did for one app only and reported few issues, not all and for that also I am unable to find the reported vulnerabilities. I don't know if auto deletion is there or what :( |
|
@Nishtha04 if db docker instance destroyed , then only vulnerabilities can be deleted . there is no auto deletion of vulnerabilities in jackhammer |
|
I haven't even stopped my docker or did anything with the db instance. I dont know how it happened. The app name and everything is there but no vulnerabilities. And I don't know what's wrong with the scans as well. |
|
Any update why it is happening? |
|
@sampathmende your issue is resolved? |
|
For last two weeks i have not tested it and i have been working on some other. I will let you know may be nextweek. #76 follow this link it may help you . @vickybyou posted very detailed instructions about installation locally . Its better than developer group. |
|
Yeah I checked it but no use. I am installing it on my mac. Let me know if your issue gets resolved. |
|
Any update on this one ? |
|
No, I have stopped working on it as there was no solution. Cannot spend so much time on this by myself without support from developers. |
|
I also stopped working on it. Developers are not providing any solution even though logs provided. So my suggestion is dont waste your valuable time on this. |
|
@harie0x @Nishtha04 |
|
@kmadhusudhan Am still waiting for reply. |
|
@kmadhusudhan , i Have told u few times in the bug that selenium-webdriver version is 3.8.0 The below is your reply from that issue
|
|
We have fixed this version change in our local and but did not move changes to here . soon we will move these changes to repository |
|
@kmadhusudhan may i know, what changes i need to do to make it work ? |
|
@harie0x Steps to add debugs statements and analyze logs
if your still not clear with above steps, we recorded clear steps in a video for adding new tool , and this present in jackhammer user guide. you can overwrite current arachni implementation or for other tools, whichever is not working for you . |
Jackhammer is not giving any result for any of the scans that I performed.
My redis server is already running and for sidekiq when I run this command sidekiq -c config/sidekiq.yml -d from web/app folder it says -bash: sidekiq: command not found
And also when I click on forgot password link it says We're sorry, but something went wrong.
If you are the application owner check the logs for more information.
The text was updated successfully, but these errors were encountered: