Socket timeout while reading first message - ZAP API 2.6.0

Jorge MG

Apr 3, 2017, 10:22:26 AM
to OWASP ZAP User Group
Hello guys,

I have deployed the stable 2.6.0 version in jelastic as follows:

entry point:  /bin/sh -c
commands:  zap.sh -daemon -host 0.0.0.0 -port 8090 -config api.disablekey=true -config api.addrs.addr.name=.* -config api.addrs.addr.regex=true

The application deploys properly as you can see in the following piece of log file:

....
13074 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader - Initializing ExtensionJxBrowserLinux64
13074 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader - Initializing ExtSelJxBrowserLinux64
13192 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader - Initializing Easy way to replace strings in requests and responses
13194 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader - Initializing Context alert rules filter
14262 [ZAP-daemon] INFO org.zaproxy.zap.extension.callback.ExtensionCallback - Started callback server on 0.0.0.0:42039
14262 [ZAP-daemon] INFO org.zaproxy.zap.extension.dynssl.ExtensionDynSSL - Creating new root CA certificate
17579 [ZAP-daemon] INFO org.zaproxy.zap.extension.dynssl.ExtensionDynSSL - New root CA certificate created
17584 [ZAP-daemon] INFO org.zaproxy.zap.DaemonBootstrap - ZAP is now listening on 0.0.0.0:8090
...

But when I try to access the application to show the landing page, it does not respond, and the only thing I can see in the logs is the following errors:

...
137416 [ZAP-ProxyThread-2] WARN org.parosproxy.paros.core.proxy.ProxyThread - Socket timeout while reading first message.
150517 [ZAP-ProxyThread-3] WARN org.parosproxy.paros.core.proxy.ProxyThread - Socket timeout while reading first message.
167515 [ZAP-ProxyThread-5] WARN org.parosproxy.paros.core.proxy.ProxyThread - Socket timeout while reading first message.
180529 [ZAP-ProxyThread-6] WARN org.parosproxy.paros.core.proxy.ProxyThread - Socket timeout while reading first message.
...

Any idea? I can run the same stable image locally in my docker container, but not from jelastic (I am using MIRHosting - https://app.mircloud.host/)

What am I doing wrong here? Or is there an additional step I am missing?

Thanks in advance for any help on this.

Kind regards




Jorge MG

Apr 3, 2017, 10:50:49 AM
to OWASP ZAP User Group
I forgot to give you more details about the output when accessing via the browser.

This is the exception the browser shows me:

ZAP Error [java.net.ConnectException]: Connection refused (Connection refused)

Stack Trace:
java.net.ConnectException: Connection refused (Connection refused)
	at java.net.PlainSocketImpl.socketConnect(Native Method)
	at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:350)
	at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:206)
	at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:188)
	at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392)
	at java.net.Socket.connect(Socket.java:589)
	at java.net.Socket.connect(Socket.java:538)
	at java.net.Socket.<init>(Socket.java:434)
	at java.net.Socket.<init>(Socket.java:286)
	at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80)
	at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122)
	at org.apache.commons.httpclient.HttpConnection.open(Unknown Source)
	at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361)
	at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source)
	at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source)
	at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
	at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source)
	at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source)
	at org.parosproxy.paros.network.HttpSender.send(Unknown Source)
	at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source)
	at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source)
	at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source)
	at org.parosproxy.paros.core.proxy.ProxyThread.processHttp(Unknown Source)
	at org.parosproxy.paros.core.proxy.ProxyThread.run(Unknown Source)
	at java.lang.Thread.run(Thread.java:745)

Regards

Hariprasad kavyashree

Sep 19, 2017, 6:22:08 AM
to OWASP ZAP User Group
I am also getting the same error, with ZAP version 2.6.

Running ZAP in daemon mode.

Thanks,
-Hariprasad

Simon Bennetts

Sep 19, 2017, 6:26:25 AM
to OWASP ZAP User Group
Hariprasad - can you give us some more details?
What are you doing and what are you seeing or not seeing?

Cheers,

Simon

Hariprasad kavyashree

Sep 19, 2017, 6:39:36 AM
to OWASP ZAP User Group
Hello Simon,


I could see some of the screenshots of the failed test cases with the information "ZAP Error [java.net.ConnectException]: Connection refused (Connection refused)".

Note: I thought ZAP would have been stopped, but I checked using the command ps -ef | grep zap and could see that ZAP is running.

Thanks,
-Hariprasad

ja...@partnertap.com

Jan 31, 2018, 5:41:58 PM
to OWASP ZAP User Group
Jorge, did you get anywhere on this? I'm seeing the same issue. The only difference possibly is I'm running Zap in a docker container.

thc...@gmail.com

Jan 31, 2018, 6:22:10 PM
to zaprox...@googlegroups.com
Hi.

Which ZAP version? Does ZAP (or the docker container) have permissions
to access network resources and reach the target? That (connection
refused) might happen, for example, if there's a firewall in the way.

Best regards.

ja...@partnertap.com

Jan 31, 2018, 8:19:34 PM
to OWASP ZAP User Group
I'm running the stable version of the docker container:
org.zaproxy.zap.DaemonBootstrap  - OWASP ZAP 2.7.0 started 31/01/18 22:10:15 with home /home/zap/.ZAP/

I'm just doing local testing at the moment on a mac. 

I start the container like so:

docker run --name zapper --user zap -p 8090:8090 -i partnertap/zap:1.0.0 zap.sh -daemon -host 0.0.0.0 -port 8090 -config api.addrs.addr.name=.* -config api.addrs.addr.regex=true -config api.disablekey=true

Then I point my Firefox proxy to 0.0.0.0:8090. I've also tried the container's IP address, which is 172.17.0.2.

It seemed to work once after I restarted ZAP a few times, but then failed again.

Any ideas?
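
Added example, not part of the thread and not ZAP project code: a check of the two launch commands posted above for the settings that together leave the ZAP API reachable without a key from any address. The second command, its API key and its 172.17.0.1 allowlist entry are constructed placeholders for comparison.

```python
import shlex

# Launch command as posted in the thread.
PAGE_CMD = ("zap.sh -daemon -host 0.0.0.0 -port 8090 -config api.disablekey=true "
            "-config api.addrs.addr.name=.* -config api.addrs.addr.regex=true")
# Constructed comparison: key required, one allowed client address (placeholders).
KEYED_CMD = ("zap.sh -daemon -host 0.0.0.0 -port 8090 -config api.key=PLACEHOLDER-KEY "
             "-config api.addrs.addr.name=172.17.0.1 -config api.addrs.addr.regex=false")

def parse_zap_args(command):
    """Return (host, port, config dict) from a zap.sh command line."""
    host, port, config = None, None, {}
    tokens = shlex.split(command)
    for flag, value in zip(tokens, tokens[1:]):
        if flag == "-host":
            host = value
        elif flag == "-port":
            port = int(value)
        elif flag == "-config" and "=" in value:
            key, _, val = value.partition("=")
            config[key] = val
    return host, port, config

def audit(command):
    """Return (findings, exposed). exposed is True only when all three hold."""
    host, _port, config = parse_zap_args(command)
    findings = []
    all_ifaces = host in ("0.0.0.0", "::")
    if all_ifaces:
        findings.append("listens on all interfaces")
    no_key = config.get("api.disablekey", "false").lower() == "true"
    if no_key:
        findings.append("API key disabled")
    any_client = (config.get("api.addrs.addr.regex", "false").lower() == "true"
                  and config.get("api.addrs.addr.name") in (".*", ".+"))
    if any_client:
        findings.append("API address allowlist matches any client")
    return findings, all_ifaces and no_key and any_client

if __name__ == "__main__":
    for cmd in (PAGE_CMD, KEYED_CMD):
        print(audit(cmd))
```

Inside a container, -host 0.0.0.0 is usually needed for the published port to work, so the check treats it as a finding only and flags exposure when the key and the address allowlist are both opened up as well.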

kingthorin+owaspzap

Jan 31, 2018, 8:58:09 PM
to OWASP ZAP User Group
The problem might be your Firefox proxy config. 0.0.0.0 means all interfaces, I have no idea how Firefox will interpret/deal with that....



ja...@partnertap.com

Jan 31, 2018, 11:51:03 PM
to OWASP ZAP User Group
I tried 172.17.0.2 the ip of the zap container with the same result. 

I got the ip like so:
docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' zapper

ja...@partnertap.com

Feb 1, 2018, 1:31:49 AM
to OWASP ZAP User Group
So I'm new to Docker and ZAP, and apparently a bit dense.  After way too much reading of other people's issues I tried setting my Firefox proxy to 127.0.0.1:8090 and I'm pretty sure it's working now, but getting a CORS error...

ja...@partnertap.com

Feb 1, 2018, 1:43:19 AM
to OWASP ZAP User Group
Turns out I'm getting 502 Bad Gateway response on anything sent to the zap proxy from firefox.

Here's the stack trace:

ZAP Error [java.net.ConnectException]: Connection refused (Connection refused)

Stack Trace:
java.net.ConnectException: Connection refused (Connection refused)
	at java.net.PlainSocketImpl.socketConnect(Native Method)
	at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:350)
	at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:206)
	at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:188)
	at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392)
	at java.net.Socket.connect(Socket.java:589)
	at java.net.Socket.connect(Socket.java:538)
	at java.net.Socket.<init>(Socket.java:434)
	at java.net.Socket.<init>(Socket.java:286)
	at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80)
	at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122)
	at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:727)
	at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361)
	at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:447)
	at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:199)
	at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
	at org.parosproxy.paros.network.HttpSender.executeMethod(HttpSender.java:333)
	at org.parosproxy.paros.network.HttpSender.runMethod(HttpSender.java:564)
	at org.parosproxy.paros.network.HttpSender.send(HttpSender.java:523)
	at org.parosproxy.paros.network.HttpSender.sendAuthenticated(HttpSender.java:501)
	at org.parosproxy.paros.network.HttpSender.sendAuthenticated(HttpSender.java:490)
	at org.parosproxy.paros.network.HttpSender.sendAndReceive(HttpSender.java:405)
	at org.parosproxy.paros.network.HttpSender.sendAndReceive(HttpSender.java:362)
	at org.parosproxy.paros.core.proxy.ProxyThread.processHttp(ProxyThread.java:509)
	at org.parosproxy.paros.core.proxy.ProxyThread.run(ProxyThread.java:317)
	at java.lang.Thread.run(Thread.java:748)
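
Added example, not part of the thread and not ZAP project code: a triage of the two symptoms reported above that separates the inbound leg (a client opened a connection to the proxy port but sent no request before the timeout) from the outbound leg (ZAP's own connection to the requested host was refused). The log and stack trace excerpts are taken from the posts; the function names are this example's own.

```python
import re

# Start of a ZAP log record: "<ms since start> [<thread>] <LEVEL> <logger> - "
RECORD = re.compile(r"(?<!\S)(\d+) \[([^\]]+)\] (INFO|WARN|ERROR) (\S+) +- ")

# Excerpts from the posts above, run together on one line as in the thread.
STARTUP = ("14262 [ZAP-daemon] INFO org.zaproxy.zap.extension.callback.ExtensionCallback"
           " - Started callback server on 0.0.0.0:42039 "
           "17584 [ZAP-daemon] INFO org.zaproxy.zap.DaemonBootstrap"
           " - ZAP is now listening on 0.0.0.0:8090")
WARNINGS = " ".join(
    f"{ms} [ZAP-ProxyThread-{n}] WARN org.parosproxy.paros.core.proxy.ProxyThread"
    " - Socket timeout while reading first message."
    for ms, n in [(137416, 2), (150517, 3), (167515, 5), (180529, 6)])
TRACE = ("java.net.ConnectException: Connection refused (Connection refused)\n"
         "\tat java.net.Socket.connect(Socket.java:589)\n"
         "\tat org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source)\n"
         "\tat org.parosproxy.paros.core.proxy.ProxyThread.processHttp(Unknown Source)\n")

def split_records(text):
    """Split log text into records, even when several share one line."""
    hits = list(RECORD.finditer(text))
    ends = [h.start() for h in hits[1:]] + [len(text)]
    return [{"ms": int(h.group(1)), "thread": h.group(2), "level": h.group(3),
             "logger": h.group(4), "msg": text[h.end():end].strip()}
            for h, end in zip(hits, ends)]

def triage(log_text, trace_text=""):
    """Report which leg of the proxied connection each symptom belongs to."""
    records = split_records(log_text)
    listening = [r["msg"].rsplit(" ", 1)[-1] for r in records
                 if r["msg"].startswith("ZAP is now listening on")]
    idle = [r for r in records if r["logger"].endswith(".ProxyThread")
            and r["msg"].startswith("Socket timeout while reading first message")]
    frames = [ln.strip() for ln in trace_text.splitlines()
              if ln.strip().startswith("at ")]
    refused = ("java.net.ConnectException" in trace_text
               and any("HttpSender.sendAndReceive" in f for f in frames))
    return {
        "listening_on": listening[0] if listening else None,
        # Inbound leg: connection accepted, no request read before the timeout.
        "inbound_idle_connections": len(idle),
        "inbound_idle_threads": [r["thread"] for r in idle],
        # Outbound leg: ZAP could not connect to the host the client asked for.
        "outbound_connect_refused": refused,
    }

if __name__ == "__main__":
    print(triage(STARTUP + " " + WARNINGS, TRACE))
```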