Start to work with ZAP scripting
768 views
Skip to first unread message
Łukasz Lubojański
Sep 16, 2016, 7:05:42 AM9/16/16
to OWASP ZAP Scripts
Hi,
I'm trying to add my own script to fuzzer - payloadgenerator. I have written a simple script (python) into a payloadgenerator directory, put the parent directory in the script configuration. Unfortunately the fuzzer -> payload -> script doesn't list my script.
I have found a bunch of example script in /.ZAP/scripts/templates - so I have added also this directory to my script dir. Unfortunately sill no scripts are listed :(
I'm using 2.5.0 version on ubuntu, jython is installed.
What could be wrong ?
I have found a bunch of example script in /.ZAP/scripts/templates - so I have added also this directory to my script dir. Unfortunately sill no scripts are listed :(
I'm using 2.5.0 version on ubuntu, jython is installed.
What could be wrong ?
Lukasz
thc...@gmail.com
Sep 16, 2016, 7:13:23 AM9/16/16
to zaproxy...@googlegroups.com
Hi.
It's not enough to put the script in the directory, you also need to add
it to ZAP (and be enabled to be able to select it in the Fuzzer dialogue).
You can load/add the script using the option "Load Script..." in the
Scripts tab. [1] (Or, with the command line args. [2])
[1] https://github.com/zaproxy/zap-core-help/wiki/HelpAddonsScriptsTree
[2] https://github.com/zaproxy/zaproxy/wiki/FAQscriptCmdLine
Best regards.
> --
> You received this message because you are subscribed to the Google
> Groups "OWASP ZAP Scripts" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to zaproxy-scrip...@googlegroups.com
> <mailto:zaproxy-scrip...@googlegroups.com>.
> To view this discussion on the web, visit
> https://groups.google.com/d/msgid/zaproxy-scripts/0f09dacc-5bb7-49cf-a2f7-dc9435a5b6a0%40googlegroups.com
> <https://groups.google.com/d/msgid/zaproxy-scripts/0f09dacc-5bb7-49cf-a2f7-dc9435a5b6a0%40googlegroups.com?utm_medium=email&utm_source=footer>.
> For more options, visit https://groups.google.com/d/optout.
It's not enough to put the script in the directory, you also need to add
it to ZAP (and be enabled to be able to select it in the Fuzzer dialogue).
You can load/add the script using the option "Load Script..." in the
Scripts tab. [1] (Or, with the command line args. [2])
[1] https://github.com/zaproxy/zap-core-help/wiki/HelpAddonsScriptsTree
[2] https://github.com/zaproxy/zaproxy/wiki/FAQscriptCmdLine
Best regards.
> You received this message because you are subscribed to the Google
> Groups "OWASP ZAP Scripts" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to zaproxy-scrip...@googlegroups.com
> <mailto:zaproxy-scrip...@googlegroups.com>.
> To view this discussion on the web, visit
> https://groups.google.com/d/msgid/zaproxy-scripts/0f09dacc-5bb7-49cf-a2f7-dc9435a5b6a0%40googlegroups.com
> <https://groups.google.com/d/msgid/zaproxy-scripts/0f09dacc-5bb7-49cf-a2f7-dc9435a5b6a0%40googlegroups.com?utm_medium=email&utm_source=footer>.
> For more options, visit https://groups.google.com/d/optout.
thc...@gmail.com
Sep 16, 2016, 7:20:09 AM9/16/16
to zaproxy...@googlegroups.com
I might have not read correctly your steps, you are adding the directory
to ZAP, right? [1]
[1] https://github.com/zaproxy/zap-core-help/wiki/HelpUiDialogsOptionsScript
Best regards.
to ZAP, right? [1]
[1] https://github.com/zaproxy/zap-core-help/wiki/HelpUiDialogsOptionsScript
Best regards.
Ailton Caetano
Sep 21, 2016, 12:05:47 PM9/21/16
to zaproxy...@googlegroups.com
Besides that templates folder you mentioned (/.ZAP/scripts/templates) there should be a scripts folder (/.ZAP/scripts/scripts). That is the folder where you should put your payload generator script into, or at least it is the one i put mine into and i'm able to add them to ZAP.
[]'s Ailton
>> an email to zaproxy-scripts+unsubscribe@googlegroups.com
>> <mailto:zaproxy-scripts+unsub...@googlegroups.com>.
>> To view this discussion on the web, visit
>> https://groups.google.com/d/msgid/zaproxy-scripts/0f09dacc-5bb7-49cf-a2f7-dc9435a5b6a0%40googlegroups.com
>> <https://groups.google.com/d/msgid/zaproxy-scripts/0f09dacc-5bb7-49cf-a2f7-dc9435a5b6a0%40googlegroups.com?utm_medium=email&utm_source=footer>.
>> For more options, visit https://groups.google.com/d/optout.
--
You received this message because you are subscribed to the Google Groups "OWASP ZAP Scripts" group.
To view this discussion on the web, visit https://groups.google.com/d/msgid/zaproxy-scripts/e5b26b0e-f70e-2cad-20a7-dd1dd4d6af58%40gmail.com.To unsubscribe from this group and stop receiving emails from it, send an email to zaproxy-scripts+unsubscribe@googlegroups.com.
Reply all
Reply to author
Forward
0 new messages