Protocol
Arachni uses its own RPC implementation, provided by Arachni-RPC (design specification).
The protocol is as simple as possible, utilizing OpenSSL sockets and very simple messages to facilitate communication.
Serialization
The Arachni Framework provides its own serializer to the Arachni-RPC library. It is, in essence, MessagePack with the addition of Zlib compression when messages reach a certain size.
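The size-triggered compression described above, as an added example that is not code from Arachni or Arachni-RPC. The threshold, the inflated-size cap, the one-byte frame marker and the method names are assumptions made for illustration, and JSON stands in for MessagePack when the msgpack gem is not installed.

```ruby
require 'zlib'

# MessagePack when the gem is installed; otherwise JSON from the standard
# library stands in so the example runs without extra gems.
begin
  require 'msgpack'
  PACK   = ->(obj) { MessagePack.pack(obj) }
  UNPACK = ->(str) { MessagePack.unpack(str) }
rescue LoadError
  require 'json'
  PACK   = ->(obj) { JSON.generate(obj) }
  UNPACK = ->(str) { JSON.parse(str) }
end

COMPRESS_FROM = 1_000      # assumed threshold (bytes), not Arachni's value
MAX_INFLATED  = 1_048_576  # assumed cap on inflated size (1 MiB)
RAW      = "\x00".b        # assumed marker byte: body sent as-is
DEFLATED = "\x01".b        # assumed marker byte: body is Zlib-deflated

# Serialize, then deflate only once the payload reaches the threshold.
def encode_message(obj)
  body = PACK.call(obj).b
  body.bytesize < COMPRESS_FROM ? RAW + body : DEFLATED + Zlib::Deflate.deflate(body)
end

# Inflate chunk by chunk and abort past the cap, so a small frame from a peer
# cannot expand into an arbitrarily large buffer.
def bounded_inflate(data, limit = MAX_INFLATED)
  out = ''.b
  zs  = Zlib::Inflate.new
  zs.inflate(data) do |chunk|
    out << chunk
    raise ArgumentError, 'inflated message exceeds limit' if out.bytesize > limit
  end
  raise ArgumentError, 'truncated Zlib stream' unless zs.finished?
  out
ensure
  zs.close if zs
end

# Reverse of encode_message: read the marker, inflate if needed, deserialize.
def decode_message(frame)
  body = frame.byteslice(1..-1)
  case frame.byteslice(0, 1)
  when RAW      then UNPACK.call(body)
  when DEFLATED then UNPACK.call(bounded_inflate(body))
  else raise ArgumentError, 'unknown frame marker'
  end
end
```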
Communicating with Arachni
(To keep these examples short and sweet, I will be using the framework's own clients. For a dependency-free, bare-bones reference implementation of a client, please see Arachni-RPC Pure.)
The RPC API of the Instances is well documented and contains all the info you'll need.
The only clarification required is about obtaining an Instance, by following these 3 simple steps:
First of all, we need to run a Dispatcher:
$ arachni_rpcd
Arachni - Web Application Security Scanner Framework v1.1
Author: Tasos "Zapotek" Laskos <tasos.laskos@arachni-scanner.com>
(With the support of the community and the Arachni Team.)
Website: http://arachni-scanner.com
Documentation: http://arachni-scanner.com/wiki
I, [2014-08-03T19:28:31.867294 #48953] INFO -- System: RPC Server started.
I, [2014-08-03T19:28:31.867399 #48953] INFO -- System: Listening on 127.0.0.1:7331
This is what happens when no options have been set; the default port is 7331.
Connecting to a Dispatcher
require 'arachni'
require 'arachni/rpc/client'
# Pay no attention to this, it just starts the system that manages network
# connections in the background
Arachni::Reactor.global.run_in_thread
dispatcher = Arachni::RPC::Client::Dispatcher.new(
    Arachni::Options.instance,
    'localhost:7331'
)
Requesting an Instance
# Request for an instance to be dispatched.
ap instance_info = dispatcher.dispatch
# {
#         "token" => "3edd7d8e9e4c717d364854e149ecd43c",
#           "pid" => 48956,
#          "port" => 24725,
#           "url" => "127.0.0.1:24725",
#         "owner" => "unknown",
#     "birthdate" => "2014-08-03 19:28:31 +0300",
#     "starttime" => "2014-08-03 19:50:48 +0300",
#       "helpers" => {}
# }
Connecting to an Instance
instance = Arachni::RPC::Client::Instance.new(
    Arachni::Options.instance,
    instance_info['url'],
    instance_info['token']
)
ap instance.service.alive?
# => true
To authenticate successfully to the Instance, don't forget to include the authentication token.