Error running active scan: "url_not_found"


Manojkumar S.J

Nov 6, 2020, 10:50:34 AM
to OWASP ZAP User Group
Hi Everyone,

We are running an Active ZAP scan for our site and are facing some issues with the scan not being able to run properly or give the desired results. We did go through the forum and documentation and were able to rule out all the checks mentioned below:
  • Server is up and running before scan starts
  • URL is accessible for the script to execute
  • URL is present in the site structure

Please find the data for the setup which we have for the scan. Any leads or pointers to fix this issue would be much appreciated. Thanks

ZAP: owasp/zap2docker-stable


Code Snippet:

targetURL="$1"

# Start the ZAP daemon; these options disable the API key and accept API clients from any address
zap-cli --verbose --boring start --start-options "-Xmx2g -config api.disablekey=true -config scanner.attackOnStart=true -config view.mode=attack -config connection.dnsTtlSuccessfulQueries=-1 -config api.addrs.addr.name=.* -config api.addrs.addr.regex=true"

# Import the context that defines the scan scope
zap-cli context import "$(pwd)/ci/zap-context.xml"

# Spider, AJAX-spider and then actively scan the target within that context
zap-cli --verbose --boring quick-scan --context-name zap-context --scanners all --alert-level Informational --recursive --spider --ajax-spider "$targetURL"


Context File:

<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<configuration>
    <context>
        <name>zap-context</name>
        <desc/>
        <inscope>true</inscope>
        <incregexes>^(https\:\/\/www\.testdomain\.com\/samplepage).*$</incregexes>
        <excregexes>^(?!https\:\/\/www\.testdomain\.com\/samplepage).*$</excregexes>
        <tech>
            <include>Language.JSP/Servlet</include>
            <include>Language.Java</include>
            <include>Language.JavaScript</include>
            <include>Language.XML</include>
            <include>OS</include>
            <include>OS.Linux</include>
            <include>OS.MacOS</include>
            <include>OS.Windows</include>
            <include>WS.Apache</include>
            <exclude>Db</exclude>
            <exclude>Db.CouchDB</exclude>
            <exclude>Db.Firebird</exclude>
            <exclude>Db.HypersonicSQL</exclude>
            <exclude>Db.IBM DB2</exclude>
            <exclude>Db.Microsoft Access</exclude>
            <exclude>Db.Microsoft SQL Server</exclude>
            <exclude>Db.MongoDB</exclude>
            <exclude>Db.MySQL</exclude>
            <exclude>Db.Oracle</exclude>
            <exclude>Db.PostgreSQL</exclude>
            <exclude>Db.SAP MaxDB</exclude>
            <exclude>Db.SQLite</exclude>
            <exclude>Db.Sybase</exclude>
            <exclude>Language</exclude>
            <exclude>Language.ASP</exclude>
            <exclude>Language.C</exclude>
            <exclude>Language.PHP</exclude>
            <exclude>Language.Python</exclude>
            <exclude>Language.Ruby</exclude>
            <exclude>SCM</exclude>
            <exclude>SCM.Git</exclude>
            <exclude>SCM.SVN</exclude>
            <exclude>WS</exclude>
            <exclude>WS.IIS</exclude>
            <exclude>WS.Tomcat</exclude>
        </tech>
        <urlparser>
            <class>org.zaproxy.zap.model.StandardParameterParser</class>
            <config>{"kvps":"&amp;","kvs":"=","struct":[]}</config>
        </urlparser>
        <postparser>
            <class>org.zaproxy.zap.model.StandardParameterParser</class>
            <config>{"kvps":"&amp;","kvs":"=","struct":[]}</config>
        </postparser>
        <authentication>
            <type>0</type>
        </authentication>
        <forceduser>-1</forceduser>
        <session>
            <type>0</type>
        </session>
        <authorization>
            <type>0</type>
            <basic>
                <header/>
                <body/>
                <logic>AND</logic>
                <code>-1</code>
            </basic>
        </authorization>
    </context>
</configuration>

Script Logs:

[INFO]            Starting ZAP daemon

[DEBUG]           Starting ZAP process with command: /zap/zap.sh -daemon -port 8080 -Xmx2g -config api.disablekey=true -config scanner.attackOnStart=true -config view.mode=attack -config connection.dnsTtlSuccessfulQueries=-1 -config api.addrs.addr.name=.* -config api.addrs.addr.regex=true.

[DEBUG]           Logging to /zap/zap.log

[DEBUG]           ZAP started successfully.

[INFO]            Imported context from /var/lib/jenkins/workspace/ci/zap-context.xml

[INFO]            Running a quick scan for https://www.testdomain.com/samplepage

[DEBUG]           Disabling all current scanners

[DEBUG]           Enabling all scanners

[DEBUG]           Spidering target https://www.testdomain.com/samplepage...

[DEBUG]           Started spider with ID 0...

[DEBUG]           Spider progress %: 0

[DEBUG]           Spider #0 completed

[DEBUG]           AJAX Spidering target https://www.testdomain.com/samplepage...

[DEBUG]           AJAX Spider: running

[DEBUG]           AJAX Spider: running

[DEBUG]           AJAX Spider completed

[DEBUG]           Scanning target https://www.testdomain.com/samplepage...

[ERROR]           Error running active scan: "url_not_found". Make sure the URL is in the site tree by using the open-url or scanner commands before running an active scan.


ZAP Logs:

1604054366452 Marionette INFO Listening on port 36885
1604054366551 Marionette WARN TLS certificate errors will be ignored for this session
33971 [Forwarding newSession on session null to remote] INFO org.openqa.selenium.remote.ProtocolHandshake  - Detected dialect: W3C
35700 [ZAP-AjaxSpiderApi] INFO com.crawljax.core.CrawlController  - Received shutdown notice. Reason is Exausted
1604054368457 Marionette INFO Stopped listening on port 36885
37174 [ZAP-AjaxSpiderApi] INFO com.crawljax.core.CrawlController  - Shutdown process complete
37175 [ZAP-AjaxSpiderApi] INFO org.zaproxy.zap.extension.spiderAjax.SpiderThread  - Stopping proxy...
37276 [ZAP-AjaxSpiderApi] INFO org.zaproxy.zap.extension.spiderAjax.SpiderThread  - Proxy stopped.
37276 [ZAP-AjaxSpiderApi] INFO org.zaproxy.zap.extension.spiderAjax.SpiderThread  - Finished Crawljax: API - https://www.te..com/samplepage
43254 [ZAP-ProxyThread-36] WARN org.zaproxy.zap.extension.api.API  - Bad request to API endpoint [/JSON/ascan/action/scan/] from [127.0.0.1]:
URL Not Found in the Scan Tree (url_not_found)
at org.zaproxy.zap.extension.ascan.ActiveScanAPI.scanURL(ActiveScanAPI.java:910)
at org.zaproxy.zap.extension.ascan.ActiveScanAPI.handleApiAction(ActiveScanAPI.java:369)
at org.zaproxy.zap.extension.api.API.handleApiRequest(API.java:506)
at org.parosproxy.paros.core.proxy.ProxyThread.processHttp(ProxyThread.java:499)
at org.parosproxy.paros.core.proxy.ProxyThread.run(ProxyThread.java:335)
at java.lang.Thread.run(Thread.java:748) 

Regards,
Manoj
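
Added example (not part of the original post, and not zap-cli or ZAP project code): a pre-flight check for the "url_not_found" failure above, which tests the target against the context's include/exclude regexes and against the URL list returned by ZAP's core/view/urls API view before an active scan is requested. The function names and status labels are hypothetical; it assumes ZAP applies the scope regexes as full matches, that the patterns are also valid Python regexes, and that the daemon listens on port 8080 with the API key disabled, as in the log.

```python
import json
import re
import urllib.parse
import urllib.request
import xml.etree.ElementTree as ET

# Constructed sample: only the scope elements of the context file in the post.
SAMPLE_CONTEXT = r"""<configuration><context>
  <name>zap-context</name>
  <incregexes>^(https\:\/\/www\.testdomain\.com\/samplepage).*$</incregexes>
  <excregexes>^(?!https\:\/\/www\.testdomain\.com\/samplepage).*$</excregexes>
</context></configuration>"""

def in_scope(context_xml, url):
    """True if url fully matches an include regex and no exclude regex."""
    ctx = ET.fromstring(context_xml).find("context")
    inc = [e.text for e in ctx.findall("incregexes") if e.text]
    exc = [e.text for e in ctx.findall("excregexes") if e.text]
    return (any(re.fullmatch(p, url) for p in inc)
            and not any(re.fullmatch(p, url) for p in exc))

def fetch_urls(target, zap="http://127.0.0.1:8080"):
    """Ask a running ZAP daemon which URLs under target it has recorded."""
    query = urllib.parse.urlencode({"baseurl": target})
    with urllib.request.urlopen(f"{zap}/JSON/core/view/urls/?{query}") as resp:
        return json.load(resp)

def site_tree_status(target, urls_response):
    """Classify target against a core/view/urls style response."""
    urls = urls_response.get("urls", [])
    if target in urls:
        return "present"
    parts = urllib.parse.urlsplit(target)
    origin = f"{parts.scheme}://{parts.netloc}"
    if any(u == origin or u.startswith(origin + "/") for u in urls):
        return "host-only"   # host was recorded, but this exact URL is missing
    return "absent"          # nothing recorded for this host at all

def preflight(context_xml, target, urls_response):
    """Return the list of pre-scan problems found for target (empty if none)."""
    problems = []
    if not in_scope(context_xml, target):
        problems.append("target is outside the context scope")
    status = site_tree_status(target, urls_response)
    if status != "present":
        problems.append(f"target not in site tree ({status})")
    return problems
```

Against a live daemon, call preflight(context_text, target, fetch_urls(target)) after the spiders finish; an "absent" result means the spider steps recorded nothing for the host, so the active scan request will be rejected.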

Manojkumar S.J

Nov 10, 2020, 7:26:19 AM
to OWASP ZAP User Group
Hi Experts,

Could you please provide us with some inputs or direction to resolve the above issue?
Thanks in advance.

Regards,
Manoj

INsomplan347

Nov 11, 2020, 6:16:34 AM
to zaprox...@googlegroups.com
wkkwkwk 




Manojkumar S.J

Dec 22, 2020, 3:23:51 AM
to OWASP ZAP User Group
Hi Everyone,

We were able to resolve this issue!! It seems there was a volume corruption, and clearing out the .zap folder and then pulling the latest ZAP updates fixed the issue.

Cheers,
Manoj

Simon Bennetts

Dec 22, 2020, 4:09:41 AM
to OWASP ZAP User Group
Thanks for letting us know!