va.lang.NumberFormatException.forInputString(Unknown Source)
98 views
Skip to first unread message
RAMKRISHAN Patil
Jan 27, 2016, 11:12:51 AM1/27/16
to OWASP ZAP Developer Group
I am facing this problem i have inegrated ZAProxy pulgin into jenkins but facing this error
Build succeeded. "D:\Unicentric\TestingBuild\CI_Build\LCM\UnicentricMaster.sln" (default target) (1) -> "D:\Unicentric\TestingBuild\CI_Build\LCM\Core\Unicentric.vbproj" (default target) (2) -> (ResolveAssemblyReferences target) -> C:\Windows\Microsoft.NET\Framework\v4.0.30319\Microsoft.Common.targets(1605,5): warning MSB3245: Could not resolve this reference. Could not locate the assembly "SharedCache.WinServiceCommon". Check to make sure the assembly exists on disk. If this reference is required by your code, you may get compilation errors. [D:\Unicentric\TestingBuild\CI_Build\LCM\Core\Unicentric.vbproj] "D:\Unicentric\TestingBuild\CI_Build\LCM\UnicentricMaster.sln" (default target) (1) -> "D:\Unicentric\TestingBuild\CI_Build\LCM\wwwroot\UnicentricWeb.vbproj" (default target) (6) -> "D:\Unicentric\TestingBuild\CI_Build\LCM\PenAndPaper\Unicentric.PenAndPaper.vbproj" (default target) (8) -> C:\Windows\Microsoft.NET\Framework\v4.0.30319\Microsoft.Common.targets(1605,5): warning MSB3270: There was a mismatch between the processor architecture of the project being built "MSIL" and the processor architecture of the reference "VisImage.Barcode Class Library, Version=1.0.0.1, Culture=neutral, processorArchitecture=x86", "x86". This mismatch may cause runtime failures. Please consider changing the targeted processor architecture of your project through the Configuration Manager so as to align the processor architectures between your project and references, or take a dependency on references with a processor architecture that matches the targeted processor architecture of your project. [D:\Unicentric\TestingBuild\CI_Build\LCM\PenAndPaper\Unicentric.PenAndPaper.vbproj] C:\Windows\Microsoft.NET\Framework\v4.0.30319\Microsoft.Common.targets(1605,5): warning MSB3270: There was a mismatch between the processor architecture of the project being built "MSIL" and the processor architecture of the reference "VisImage.NET Class Library, Version=1.0.0.1, Culture=neutral, processorArchitecture=x86", "x86". This mismatch may cause runtime failures. Please consider changing the targeted processor architecture of your project through the Configuration Manager so as to align the processor architectures between your project and references, or take a dependency on references with a processor architecture that matches the targeted processor architecture of your project. [D:\Unicentric\TestingBuild\CI_Build\LCM\PenAndPaper\Unicentric.PenAndPaper.vbproj] 3 Warning(s) 0 Error(s) Time Elapsed 00:00:14.38 Perform ZAProxyzapProgram = C:\Program Files\Jenkins\tools\com.cloudbees.jenkins.plugins.customtools.CustomTool\ZAProxy_2.4.3\ZAP_2.4.3 targetURL = http://192.168.9.230/LCMGitCode/Login/Index zapProxyHost = localhost zapProxyPort = 8090 jiraBaseURL = jiraUserName = jiraUserName = Start ZAProxy [C:\Program Files\Jenkins\tools\com.cloudbees.jenkins.plugins.customtools.CustomTool\ZAProxy_2.4.3\ZAP_2.4.3\zap.bat] [ZAP_2.4.3] $ "C:\Program Files\Jenkins\tools\com.cloudbees.jenkins.plugins.customtools.CustomTool\ZAProxy_2.4.3\ZAP_2.4.3\zap.bat" -daemon -host localhost -port 8090 -config api.key=ZAPROXY-PLUGIN -config scanner.defaultPolicy=OnlySQLInjection -dir /home/ludovicroucoux/.ZAP Skip loadSession URL http://192.168.9.230/LCMGitCode/Login/Index added to Context [window.location.replace('/login?from=%2Fxml%2Fcontext%2Faction%2FnewContext%2F%3FcontextName%3Dcontext1%26apikey%3DZAPROXY-PLUGIN%26'); Authentication required ] SCANMOD : AUTHENTICATED Setting up Authentication Form Based Authentication added to context Logged in indicator <div style="margin-right: 10px;" class="dash-welcome right"> Welcome <span class="username">demo</span> </div> added to context New user added. username :demo User : demo is now Enabled Spider the site [http://192.168.9.230/LCMGitCode/Login/Index] as user [demo] ERROR: java.lang.NumberFormatException: For input string: "window.location.replace('/login?from=%2Fxml%2Fspider%2Fview%2Fstatus%2F%3FscanId%3D%26'); Authentication required " at java.lang.NumberFormatException.forInputString(Unknown Source) at java.lang.Integer.parseInt(Unknown Source) at java.lang.Integer.parseInt(Unknown Source) at fr.novia.zaproxyplugin.ZAProxy.statusToInt(ZAProxy.java:1270) at fr.novia.zaproxyplugin.ZAProxy.spiderURLAsUser(ZAProxy.java:1540) at fr.novia.zaproxyplugin.ZAProxy.executeZAP(ZAProxy.java:1118) at fr.novia.zaproxyplugin.ZAProxyBuilder$ZAProxyCallable.invoke(ZAProxyBuilder.java:393) at fr.novia.zaproxyplugin.ZAProxyBuilder$ZAProxyCallable.invoke(ZAProxyBuilder.java:379) at hudson.FilePath.act(FilePath.java:990) at hudson.FilePath.act(FilePath.java:968) at fr.novia.zaproxyplugin.ZAProxyBuilder.perform(ZAProxyBuilder.java:205) at hudson.tasks.BuildStepMonitor$1.perform(BuildStepMonitor.java:20) at hudson.model.AbstractBuild$AbstractBuildExecution.perform(AbstractBuild.java:782) at hudson.model.Build$BuildExecution.build(Build.java:205) at hudson.model.Build$BuildExecution.doRun(Build.java:162) at hudson.model.AbstractBuild$AbstractBuildExecution.run(AbstractBuild.java:534) at hudson.model.Run.execute(Run.java:1738) at hudson.model.FreeStyleBuild.run(FreeStyleBuild.java:43) at hudson.model.ResourceController.execute(ResourceController.java:98) at hudson.model.Executor.run(Executor.java:410) Shutdown ZAProxy Build step 'Execute ZAProxy' marked build as failure C:\Program Files\Jenkins\tools\com.cloudbees.jenkins.plugins.customtools.CustomTool\ZAProxy_2.4.3\ZAP_2.4.3>if exist "\OWASP ZAP\.ZAP_JVM.properties" (set /p jvmopts= 0<"\OWASP ZAP\.ZAP_JVM.properties" ) else (set jvmopts=-Xmx512m ) C:\Program Files\Jenkins\tools\com.cloudbees.jenkins.plugins.customtools.CustomTool\ZAProxy_2.4.3\ZAP_2.4.3>java -Xmx512m -jar zap-2.4.3.jar -daemon -host localhost -port 8090 -config api.key=ZAPROXY-PLUGIN -config scanner.defaultPolicy=OnlySQLInjection -dir /home/ludovicroucoux/.ZAPFinished: FAILURE
thc...@gmail.com
Jan 28, 2016, 4:03:06 AM1/28/16
to zaproxy...@googlegroups.com
Hi.
Based on returned messages, it seems that the Jenkins plugin is not
connecting to ZAP API.
Are you sure that ZAP is able to start and listen on 8090?
Does the directory "/home/ludovicroucoux/" exist in your file system?
ZAP expects an existing directory for the "-dir" command line argument,
otherwise it will fail to start (since it's not able to set up the
"home" directory).
Best regards.
> --
> You received this message because you are subscribed to the Google
> Groups "OWASP ZAP Developer Group" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to zaproxy-devel...@googlegroups.com
> <mailto:zaproxy-devel...@googlegroups.com>.
> For more options, visit https://groups.google.com/d/optout.
Based on returned messages, it seems that the Jenkins plugin is not
connecting to ZAP API.
Are you sure that ZAP is able to start and listen on 8090?
Does the directory "/home/ludovicroucoux/" exist in your file system?
ZAP expects an existing directory for the "-dir" command line argument,
otherwise it will fail to start (since it's not able to set up the
"home" directory).
Best regards.
> You received this message because you are subscribed to the Google
> Groups "OWASP ZAP Developer Group" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to zaproxy-devel...@googlegroups.com
> <mailto:zaproxy-devel...@googlegroups.com>.
> For more options, visit https://groups.google.com/d/optout.
RAMKRISHAN Patil
Jan 28, 2016, 6:16:46 AM1/28/16
to OWASP ZAP Developer Group
Hi
Thanks for your reply I have resolved that issue but stuck on next one please provide me some info related with following issue
84529 [pool-1-thread-2] INFO org.zaproxy.zap.extension.httpsessions.HttpSessionsSite - Created a new session as no match was found: HttpSession [name=Session 7, active=false, tokenValues=''] 84529 [pool-1-thread-2] ERROR org.zaproxy.zap.authentication.FormBasedAuthenticationMethodType - Unable to send authentication message: Read timed out 84529 [pool-1-thread-2] INFO org.zaproxy.zap.users.User - Authentication failed for user: demo 84529 [pool-1-thread-1] INFO org.zaproxy.zap.users.User - Authenticating user: demo 84829 [pool-1-thread-1] WARN org.zaproxy.zap.spider.URLCanonicalizer - Error while Processing URL in the spidering process (on base ): Host could not be reliably evaluated from: http://www.texotela.co.uk) 84829 [pool-1-thread-1] WARN org.zaproxy.zap.spider.URLCanonicalizer - Error while Processing URL in the spidering process (on base ): Host could not be reliably evaluated from: http://www.texotela.co.uk) 84845 [pool-1-thread-2] INFO org.zaproxy.zap.spider.Spider - Spidering process is complete. Shutting down... 84845 [Thread-5] INFO org.zaproxy.zap.extension.spider.SpiderThread - Spider scanning complete: trueAjax Spider the site [http://192.168.9.230/LCMGitCode/] as user [demo] 85199 [ZAP-ProxyThread-254] WARN org.zaproxy.zap.extension.api.API - ApiException while handling API request: No Implementor (no_implementor) at org.zaproxy.zap.extension.api.API.handleApiRequest(Unknown Source) at org.parosproxy.paros.core.proxy.ProxyThread.processHttp(Unknown Source) at org.parosproxy.paros.core.proxy.ProxyThread.run(Unknown Source) at java.lang.Thread.run(Unknown Source) ERROR: org.zaproxy.clientapi.core.ClientApiException: No Implementor at org.zaproxy.clientapi.core.ApiResponseFactory.getResponse(Unknown Source) at org.zaproxy.clientapi.core.ClientApi.callApi(Unknown Source) at org.zaproxy.clientapi.gen.AjaxSpider.scan(Unknown Source) at fr.novia.zaproxyplugin.ZAProxy.ajaxSpiderURL(ZAProxy.java:1561) at fr.novia.zaproxyplugin.ZAProxy.executeZAP(ZAProxy.java:1129) at fr.novia.zaproxyplugin.ZAProxyBuilder$ZAProxyCallable.invoke(ZAProxyBuilder.java:393) at fr.novia.zaproxyplugin.ZAProxyBuilder$ZAProxyCallable.invoke(ZAProxyBuilder.java:379) at hudson.FilePath.act(FilePath.java:990) at hudson.FilePath.act(FilePath.java:968) at fr.novia.zaproxyplugin.ZAProxyBuilder.perform(ZAProxyBuilder.java:205) at hudson.tasks.BuildStepMonitor$1.perform(BuildStepMonitor.java:20) at hudson.model.AbstractBuild$AbstractBuildExecution.perform(AbstractBuild.java:782) at hudson.model.Build$BuildExecution.build(Build.java:205) at hudson.model.Build$BuildExecution.doRun(Build.java:162) at hudson.model.AbstractBuild$AbstractBuildExecution.run(AbstractBuild.java:534) at hudson.model.Run.execute(Run.java:1738) at hudson.model.FreeStyleBuild.run(FreeStyleBuild.java:43) at hudson.model.ResourceController.execute(ResourceController.java:98) at hudson.model.Executor.run(Executor.java:410) Shutdown ZAProxy Build step 'Execute ZAProxy' marked build as failure86419 [Thread-6] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache commit start 86827 [Thread-6] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Database closed 86952 [Thread-6] INFO org.zaproxy.zap.extension.api.CoreAPI - OWASP ZAP 2.4.3 terminated.Finished: FAILURE
thc...@gmail.com
Jan 28, 2016, 6:25:29 AM1/28/16
to zaproxy...@googlegroups.com
Hi.
That error means that the AJAX Spider add-on is not installed (or not
being run).
Which ZAP package are you using? Standard? [1]
[1] https://github.com/zaproxy/zaproxy/wiki/Downloads
Best regards.
On 28/01/16 11:16, RAMKRISHAN Patil wrote:
> 84829 [pool-1-thread-1] WARN org.zaproxy.zap.spider.URLCanonicalizer - Error while Processing URL in the spidering process (on base ): Host could not be reliably evaluated from: http://www.texotela.co.uk <http://www.texotela.co.uk/>)
That error means that the AJAX Spider add-on is not installed (or not
being run).
Which ZAP package are you using? Standard? [1]
[1] https://github.com/zaproxy/zaproxy/wiki/Downloads
Best regards.
On 28/01/16 11:16, RAMKRISHAN Patil wrote:
> Hi
>
>
> Thanks for your reply I have resolved that issue but stuck on next one
> please provide me some info related with following issue
>
> 84529 [pool-1-thread-2] INFO org.zaproxy.zap.extension.httpsessions.HttpSessionsSite - Created a new session as no match was found: HttpSession [name=Session 7, active=false, tokenValues='']
> 84529 [pool-1-thread-2] ERROR org.zaproxy.zap.authentication.FormBasedAuthenticationMethodType - Unable to send authentication message: Read timed out
> 84529 [pool-1-thread-2] INFO org.zaproxy.zap.users.User - Authentication failed for user: demo
> 84529 [pool-1-thread-1] INFO org.zaproxy.zap.users.User - Authenticating user: demo
> 84829 [pool-1-thread-1] WARN org.zaproxy.zap.spider.URLCanonicalizer - Error while Processing URL in the spidering process (on base ): Host could not be reliably evaluated from: http://www.texotela.co.uk <http://www.texotela.co.uk/>)
>
>
> Thanks for your reply I have resolved that issue but stuck on next one
> please provide me some info related with following issue
>
> 84529 [pool-1-thread-2] INFO org.zaproxy.zap.extension.httpsessions.HttpSessionsSite - Created a new session as no match was found: HttpSession [name=Session 7, active=false, tokenValues='']
> 84529 [pool-1-thread-2] ERROR org.zaproxy.zap.authentication.FormBasedAuthenticationMethodType - Unable to send authentication message: Read timed out
> 84529 [pool-1-thread-2] INFO org.zaproxy.zap.users.User - Authentication failed for user: demo
> 84529 [pool-1-thread-1] INFO org.zaproxy.zap.users.User - Authenticating user: demo
> 84829 [pool-1-thread-1] WARN org.zaproxy.zap.spider.URLCanonicalizer - Error while Processing URL in the spidering process (on base ): Host could not be reliably evaluated from: http://www.texotela.co.uk <http://www.texotela.co.uk/>)
RAMKRISHAN Patil
Jan 28, 2016, 6:47:24 AM1/28/16
to OWASP ZAP Developer Group
I am using ZAP 2.4.3. Is it required to install it on machine also ???
> <mailto:zaproxy-develop+unsub...@googlegroups.com>.
RAMKRISHAN Patil
Jan 28, 2016, 11:26:52 AM1/28/16
to OWASP ZAP Developer Group
Hello
I am facing this issue please give me solution its urgent this user and password is entered correct but giving same error many time at the time of scan
2196236 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.httpsessions.HttpSessionsSite - Created a new session as no match was found: HttpSession [name=Session 195, active=false, tokenValues=''] 2196236 [ZAP-ActiveScanner-0] ERROR org.zaproxy.zap.authentication.FormBasedAuthenticationMethodType - Unable to send authentication message: Read timed out 2196236 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.users.User - Authentication failed for user: demo 2196237 [ZAP-ActiveScanner-1] INFO org.zaproxy.zap.users.User - Authenticating user: demo 2196398 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.users.User - Authenticating user: demo 2196553 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.extension.httpsessions.HttpSessionsSite - Created a new session as no match was found: HttpSession [name=Session 196, active=false, tokenValues='']
2196559 [ZAP-ActiveScanner-0] INFO org.zaproxy.zap.users.User - Authenticating user: demo
thc...@gmail.com
Jan 29, 2016, 4:38:55 AM1/29/16
to zaproxy...@googlegroups.com
Hi.
You don't need to install. How are you starting ZAP?
Which URL did you use to download ZAP?
Best regards.
> > <mailto:zaproxy-devel...@googlegroups.com>.
You don't need to install. How are you starting ZAP?
Which URL did you use to download ZAP?
Best regards.
> > For more options, visit https://groups.google.com/d/optout
> <https://groups.google.com/d/optout>.
>
> --
> You received this message because you are subscribed to the Google
> Groups "OWASP ZAP Developer Group" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to zaproxy-devel...@googlegroups.com
> <mailto:zaproxy-devel...@googlegroups.com>.
> --
> You received this message because you are subscribed to the Google
> Groups "OWASP ZAP Developer Group" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to zaproxy-devel...@googlegroups.com
thc...@gmail.com
Jan 29, 2016, 4:40:59 AM1/29/16
to zaproxy...@googlegroups.com
Does the authentication work correctly when running just ZAP (without
the Jenkins plugin)?
Messages like "Authenticating user: demo" are expected if the message is
not authenticated or if the user was logged out in the meantime.
Best regards.
the Jenkins plugin)?
Messages like "Authenticating user: demo" are expected if the message is
not authenticated or if the user was logged out in the meantime.
Best regards.
> --
> You received this message because you are subscribed to the Google
> Groups "OWASP ZAP Developer Group" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to zaproxy-devel...@googlegroups.com
> <mailto:zaproxy-devel...@googlegroups.com>.
> You received this message because you are subscribed to the Google
> Groups "OWASP ZAP Developer Group" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to zaproxy-devel...@googlegroups.com
RAMKRISHAN Patil
Jan 29, 2016, 10:01:02 AM1/29/16
to OWASP ZAP Developer Group
Hi,
at the time of manual ZAP working it properly but in the Jenkins it gives error
thc...@gmail.com
Feb 4, 2016, 4:02:44 AM2/4/16
to zaproxy...@googlegroups.com
Hi.
Can you confirm that all the data introduced in the plugin is correct?
It should work the same as configuring ZAP manually.
Do you see the authentication request in the server side? Perhaps being
ignored/rejected?
Best regards.
Can you confirm that all the data introduced in the plugin is correct?
It should work the same as configuring ZAP manually.
Do you see the authentication request in the server side? Perhaps being
ignored/rejected?
Best regards.
Reply all
Reply to author
Forward
0 new messages