jackhammer icon indicating copy to clipboard operation
jackhammer copied to clipboard

Published 20 hours ago verified publisher icon olacabs

can not find vulnerable

Open Any3ite opened this issue 8 years ago • 16 comments

Hello my friend, thanks for your anwser , im builded jackhammer, and use it scan website eg: http://testphp.vulnweb.com , ten minute after, can not find any vuln ,so can you help me , and nmap or wpscan is worked

Any3ite avatar Aug 13 '17 13:08 Any3ite

can you please rescan it? For testing i done web scanning on http://testphp.vulnweb.com. Jackhammer has found vulnerabilities .Please share me log details from web/app/log/scans/scan_id.log if you face same issue

kmadhusudhan avatar Aug 16 '17 09:08 kmadhusudhan

sorry bro im re scaned , but in web/app/log at here is nothing ~ , so ,can not give you log file. but i think can you make jackhammer in vmware ?

Any3ite avatar Aug 17 '17 05:08 Any3ite

please check in docker image for log file

kmadhusudhan avatar Aug 17 '17 06:08 kmadhusudhan

root@13c3350919e4:/home/app# ls Gemfile Gemfile.lock Procfile Rakefile app bin config config.ru data db lib log public spec templates tools vendor root@13c3350919e4:/home/app# ls log root@13c3350919e4:/home/app#

can not find any scan info and log and i'm mailed for you

Any3ite avatar Aug 17 '17 06:08 Any3ite

please do tail -f log/sidekiq.log and do the scanning, after completion of scan ,share me log info

kmadhusudhan avatar Aug 17 '17 06:08 kmadhusudhan

➜ ~ docker run -it jackhammer_web /bin/bash root@3f52d94369cb:/home/app# tail -f log/sidekiq.log tail: cannot open 'log/sidekiq.log' for reading: No such file or directory root@3f52d94369cb:/home/app#

can not find any file im logined at jackhammer_web

Any3ite avatar Aug 17 '17 06:08 Any3ite

sidekiq is running ?

kmadhusudhan avatar Aug 17 '17 06:08 kmadhusudhan

➜ ~ docker run -it jackhammer_web /bin/bash root@944d52af58ad:/home/app# ps -ef |grep sidekiq root@944d52af58ad:/home/app# no

Any3ite avatar Aug 17 '17 06:08 Any3ite

can please start it ? Run this command RAILS_ENV=production bundle exec sidekiq -C config/sidekiq.yml -d

kmadhusudhan avatar Aug 17 '17 06:08 kmadhusudhan

very thanks my friend do you have teamviewer ?

Any3ite avatar Aug 17 '17 06:08 Any3ite

this is log/sidekiq.log info

**root@e0b48d15c373:/home/app# cat log/sidekiq.log

Logfile created on 2017-08-17 06:48:40 +0000 by logger.rb/53141

No such file or directory @ rb_sysopen - /home/app/tmp/pids/sidekiq.pid /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/sidekiq-4.2.10/lib/sidekiq/cli.rb:370:in initialize' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/sidekiq-4.2.10/lib/sidekiq/cli.rb:370:in open' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/sidekiq-4.2.10/lib/sidekiq/cli.rb:370:in write_pid' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/sidekiq-4.2.10/lib/sidekiq/cli.rb:43:in parse' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/sidekiq-4.2.10/bin/sidekiq:11:in <top (required)>' /root/.rbenv/versions/2.3.0/bin/sidekiq:23:in load' /root/.rbenv/versions/2.3.0/bin/sidekiq:23:in <top (required)>' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/bundler-1.15.3/lib/bundler/cli/exec.rb:74:in load' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/bundler-1.15.3/lib/bundler/cli/exec.rb:74:in kernel_load' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/bundler-1.15.3/lib/bundler/cli/exec.rb:27:in run' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/bundler-1.15.3/lib/bundler/cli.rb:365:in exec' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/bundler-1.15.3/lib/bundler/vendor/thor/lib/thor/command.rb:27:in run' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/bundler-1.15.3/lib/bundler/vendor/thor/lib/thor/invocation.rb:126:in invoke_command' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/bundler-1.15.3/lib/bundler/vendor/thor/lib/thor.rb:369:in dispatch' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/bundler-1.15.3/lib/bundler/cli.rb:22:in dispatch' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/bundler-1.15.3/lib/bundler/vendor/thor/lib/thor/base.rb:444:in start' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/bundler-1.15.3/lib/bundler/cli.rb:13:in start' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/bundler-1.15.3/exe/bundle:30:in block in <top (required)>' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/bundler-1.15.3/lib/bundler/friendly_errors.rb:121:in with_friendly_errors' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/bundler-1.15.3/exe/bundle:22:in <top (required)>' /root/.rbenv/versions/2.3.0/bin/bundle:23:in load' /root/.rbenv/versions/2.3.0/bin/bundle:23:in

' root@e0b48d15c373:/home/app#**

Any3ite avatar Aug 17 '17 06:08 Any3ite

can please do mkdir -p tmp/pids, and run sidekiq

kmadhusudhan avatar Aug 17 '17 06:08 kmadhusudhan

im run commanded and now log info

root@e0b48d15c373:/home/app# cat log/sidekiq.log

Logfile created on 2017-08-17 06:48:40 +0000 by logger.rb/53141

No such file or directory @ rb_sysopen - /home/app/tmp/pids/sidekiq.pid /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/sidekiq-4.2.10/lib/sidekiq/cli.rb:370:in initialize' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/sidekiq-4.2.10/lib/sidekiq/cli.rb:370:in open' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/sidekiq-4.2.10/lib/sidekiq/cli.rb:370:in write_pid' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/sidekiq-4.2.10/lib/sidekiq/cli.rb:43:in parse' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/sidekiq-4.2.10/bin/sidekiq:11:in <top (required)>' /root/.rbenv/versions/2.3.0/bin/sidekiq:23:in load' /root/.rbenv/versions/2.3.0/bin/sidekiq:23:in <top (required)>' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/bundler-1.15.3/lib/bundler/cli/exec.rb:74:in load' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/bundler-1.15.3/lib/bundler/cli/exec.rb:74:in kernel_load' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/bundler-1.15.3/lib/bundler/cli/exec.rb:27:in run' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/bundler-1.15.3/lib/bundler/cli.rb:365:in exec' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/bundler-1.15.3/lib/bundler/vendor/thor/lib/thor/command.rb:27:in run' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/bundler-1.15.3/lib/bundler/vendor/thor/lib/thor/invocation.rb:126:in invoke_command' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/bundler-1.15.3/lib/bundler/vendor/thor/lib/thor.rb:369:in dispatch' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/bundler-1.15.3/lib/bundler/cli.rb:22:in dispatch' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/bundler-1.15.3/lib/bundler/vendor/thor/lib/thor/base.rb:444:in start' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/bundler-1.15.3/lib/bundler/cli.rb:13:in start' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/bundler-1.15.3/exe/bundle:30:in block in <top (required)>' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/bundler-1.15.3/lib/bundler/friendly_errors.rb:121:in with_friendly_errors' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/bundler-1.15.3/exe/bundle:22:in <top (required)>' /root/.rbenv/versions/2.3.0/bin/bundle:23:in load' /root/.rbenv/versions/2.3.0/bin/bundle:23:in

' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/rb-readline-0.5.1/lib/readline.rb:458: warning: already initialized constant Readline::HISTORY /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/rb-readline-0.5.1/lib/readline.rb:486: warning: already initialized constant Readline::FILENAME_COMPLETION_PROC /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/rb-readline-0.5.1/lib/readline.rb:517: warning: already initialized constant Readline::USERNAME_COMPLETION_PROC /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/rb-readline-0.5.1/lib/readline.rb:523: warning: already initialized constant Readline::VERSION 2017-08-17T06:57:20.534Z 203 TID-gte60qtr8 INFO: Running in ruby 2.3.0p0 (2015-12-25 revision 53290) [x86_64-linux] 2017-08-17T06:57:20.534Z 203 TID-gte60qtr8 INFO: See LICENSE and the LGPL-3.0 for licensing details. 2017-08-17T06:57:20.534Z 203 TID-gte60qtr8 INFO: Upgrade to Sidekiq Pro for more features and support: http://sidekiq.org 2017-08-17T06:57:20.534Z 203 TID-gte60qtr8 INFO: Booting Sidekiq 4.2.10 with redis options {:url=>nil} Error connecting to Redis on 127.0.0.1:6379 (Errno::ECONNREFUSED) /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/redis-3.3.3/lib/redis/client.rb:345:in rescue in establish_connection' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/redis-3.3.3/lib/redis/client.rb:331:in establish_connection' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/redis-3.3.3/lib/redis/client.rb:101:in block in connect' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/redis-3.3.3/lib/redis/client.rb:293:in with_reconnect' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/redis-3.3.3/lib/redis/client.rb:100:in connect' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/redis-3.3.3/lib/redis/client.rb:364:in ensure_connected' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/redis-3.3.3/lib/redis/client.rb:221:in block in process' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/redis-3.3.3/lib/redis/client.rb:306:in logging' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/redis-3.3.3/lib/redis/client.rb:220:in process' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/redis-3.3.3/lib/redis/client.rb:120:in call' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/redis-3.3.3/lib/redis.rb:251:in block in info' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/redis-3.3.3/lib/redis.rb:58:in block in synchronize' /root/.rbenv/versions/2.3.0/lib/ruby/2.3.0/monitor.rb:214:in mon_synchronize' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/redis-3.3.3/lib/redis.rb:58:in synchronize' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/redis-3.3.3/lib/redis.rb:250:in info' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/sidekiq-4.2.10/lib/sidekiq.rb:113:in block in redis_info' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/sidekiq-4.2.10/lib/sidekiq.rb:95:in block in redis' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/connection_pool-2.2.1/lib/connection_pool.rb:64:in block (2 levels) in with' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/connection_pool-2.2.1/lib/connection_pool.rb:63:in handle_interrupt' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/connection_pool-2.2.1/lib/connection_pool.rb:63:in block in with' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/connection_pool-2.2.1/lib/connection_pool.rb:60:in handle_interrupt' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/connection_pool-2.2.1/lib/connection_pool.rb:60:in with' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/sidekiq-4.2.10/lib/sidekiq.rb:92:in redis' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/sidekiq-4.2.10/lib/sidekiq.rb:106:in redis_info' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/sidekiq-4.2.10/lib/sidekiq/cli.rb:71:in run' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/sidekiq-4.2.10/bin/sidekiq:12:in <top (required)>' /root/.rbenv/versions/2.3.0/bin/sidekiq:23:in load' /root/.rbenv/versions/2.3.0/bin/sidekiq:23:in <top (required)>' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/bundler-1.15.3/lib/bundler/cli/exec.rb:74:in load' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/bundler-1.15.3/lib/bundler/cli/exec.rb:74:in kernel_load' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/bundler-1.15.3/lib/bundler/cli/exec.rb:27:in run' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/bundler-1.15.3/lib/bundler/cli.rb:365:in exec' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/bundler-1.15.3/lib/bundler/vendor/thor/lib/thor/command.rb:27:in run' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/bundler-1.15.3/lib/bundler/vendor/thor/lib/thor/invocation.rb:126:in invoke_command' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/bundler-1.15.3/lib/bundler/vendor/thor/lib/thor.rb:369:in dispatch' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/bundler-1.15.3/lib/bundler/cli.rb:22:in dispatch' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/bundler-1.15.3/lib/bundler/vendor/thor/lib/thor/base.rb:444:in start' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/bundler-1.15.3/lib/bundler/cli.rb:13:in start' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/bundler-1.15.3/exe/bundle:30:in block in <top (required)>' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/bundler-1.15.3/lib/bundler/friendly_errors.rb:121:in with_friendly_errors' /root/.rbenv/versions/2.3.0/lib/ruby/gems/2.3.0/gems/bundler-1.15.3/exe/bundle:22:in <top (required)>' /root/.rbenv/versions/2.3.0/bin/bundle:23:in load' /root/.rbenv/versions/2.3.0/bin/bundle:23:in `
' root@e0b48d15c373:/home/app#

Any3ite avatar Aug 17 '17 06:08 Any3ite

some how your Redis server is down. please make sure your redis and sidekiq is running , everything will work fine. please stop docker-compose and do rebuild everything will get started

kmadhusudhan avatar Aug 17 '17 07:08 kmadhusudhan

im remove all docker file and reclone git project , thanks.

Any3ite avatar Aug 17 '17 07:08 Any3ite

im find some error at install jackhammer

Step 7/48 : RUN apt-get -y install git curl zlib1g-dev build-essential libssl-dev libreadline-dev libyaml-dev libsqlite3-dev sqlite3 libxml2-dev libxslt1-dev libcurl4-openssl-dev python-software-properties libffi-dev ---> Running in 4d90606bca07

Get:127 http://archive.ubuntu.com/ubuntu/ trusty-updates/universe python-software-properties all 0.92.37.8 [19.7 kB] Get:128 http://archive.ubuntu.com/ubuntu/ trusty-updates/main sqlite3 amd64 3.8.2-1ubuntu2.1 [28.8 kB] Get:129 http://archive.ubuntu.com/ubuntu/ trusty-updates/main libffi-dev amd64 3.1~rc1+r3.0.13-12ubuntu0.1 [99.8 kB] Get:130 http://archive.ubuntu.com/ubuntu/ trusty-updates/main libyaml-dev amd64 0.1.4-3ubuntu3.1 [55.9 kB]

debconf: unable to initialize frontend: Dialog

debconf: (TERM is not set, so the dialog frontend is not usable.) debconf: falling back to frontend: Readline debconf: unable to initialize frontend: Readline debconf: (This frontend requires a controlling tty.) debconf: falling back to frontend: Teletype dpkg-preconfigure: unable to re-open stdin:

Setting up ca-certificates (20160104ubuntu0.14.04.1) ... debconf: unable to initialize frontend: Dialog debconf: (TERM is not set, so the dialog frontend is not usable.) debconf: falling back to frontend: Readline debconf: unable to initialize frontend: Readline debconf: (This frontend requires a controlling tty.) debconf: falling back to frontend: Teletype Setting up iso-codes (3.52-1) ... Setting up krb5-locales (1.12+dfsg-2ubuntu5.3) ... Setting up libglib2.0-data (2.40.2-0ubuntu1) ... Setting up libsasl2-modules:amd64 (2.1.25.dfsg1-17build1) ... Setting up manpages (3.54-1ubuntu1) ... Setting up openssh-client (1:6.6p1-2ubuntu2.8) ... Setting up libpython2.7-stdlib:amd64 (2.7.6-8ubuntu0.3) ... Setting up python2.7 (2.7.6-8ubuntu0.3) ... Setting up python-minimal (2.7.5-5ubuntu3) ... Setting up libpython-stdlib:amd64 (2.7.5-5ubuntu3) ... Setting up python (2.7.5-5ubuntu3) ... Setting up python-apt-common (0.9.3.5ubuntu2) ... Setting up python3-apt (0.9.3.5ubuntu2) ... Setting up rsync (3.1.0-2ubuntu0.2) ... Removing any system startup links for /etc/init.d/rsync ... update-rc.d: warning: default stop runlevel arguments (0 1 6) do not match rsync Default-Stop values (none) Adding system startup for /etc/init.d/rsync ... /etc/rc0.d/K20rsync -> ../init.d/rsync /etc/rc1.d/K20rsync -> ../init.d/rsync /etc/rc6.d/K20rsync -> ../init.d/rsync /etc/rc2.d/S20rsync -> ../init.d/rsync /etc/rc3.d/S20rsync -> ../init.d/rsync /etc/rc4.d/S20rsync -> ../init.d/rsync /etc/rc5.d/S20rsync -> ../init.d/rsync invoke-rc.d: policy-rc.d denied execution of restart. Setting up shared-mime-info (1.2-0ubuntu3) ... Setting up xauth (1:1.0.7-1ubuntu1) ... Setting up xml-core (0.13+nmu2) ... Setting up binutils (2.24-5ubuntu14.2) ...

Get:1 http://archive.ubuntu.com/ubuntu/ trusty/main libdbi-perl amd64 1.630-1 [879 kB] Get:2 http://archive.ubuntu.com/ubuntu/ trusty-updates/main libdbd-mysql-perl amd64 4.025-1ubuntu0.1 [87.6 kB] Get:3 http://archive.ubuntu.com/ubuntu/ trusty/main libterm-readkey-perl amd64 2.31-1 [27.4 kB] Get:4 http://archive.ubuntu.com/ubuntu/ trusty-updates/main mysql-client-core-5.5 amd64 5.5.57-0ubuntu0.14.04.1 [707 kB] Get:5 http://archive.ubuntu.com/ubuntu/ trusty-updates/main mysql-client-5.5 amd64 5.5.57-0ubuntu0.14.04.1 [1588 kB] Get:6 http://archive.ubuntu.com/ubuntu/ trusty-updates/main mysql-client all 5.5.57-0ubuntu0.14.04.1 [11.2 kB] debconf: unable to initialize frontend: Dialog debconf: (TERM is not set, so the dialog frontend is not usable.) debconf: falling back to frontend: Readline debconf: unable to initialize frontend: Readline debconf: (This frontend requires a controlling tty.) debconf: falling back to frontend: Teletype dpkg-preconfigure: unable to re-open stdin: Fetched 3301 kB in 18s (179 kB/s)

Any3ite avatar Aug 17 '17 07:08 Any3ite