Unable to import HAR into ZAP


ZAP User

Mar 29, 2022, 7:54:34 AM
to OWASP ZAP Developer Group
Hi,

I'm using the weekly ZAP release (D-2022-03-28) on a Windows machine. I generated a HAR file using Firefox by navigating through the OWASP Juice Shop application. When I tried to import the HAR file into ZAP, I received an error "Could not import the file C:\<path>\myfile.har".

Here is what I see in the zap logs.

2022-03-29 17:17:11,058 [ZAP-Import-Har-3] WARN  MenuImportHar - Couldn't count entries in: C:\<path>\myfile.har
2022-03-29 17:17:11,084 [ZAP-Import-Har-3] WARN  HarImporter - Error importing  C:\<path>\myfile.har

Could you please suggest what could be wrong here?





kingthorin+owaspzap

Mar 29, 2022, 1:09:47 PM
to OWASP ZAP Developer Group
If the entries couldn't be counted then it seems like it's malformed somehow.

Are you able to import it with Chrome or Firefox dev tools?

Are you able to share the archive?

ZAP User

Mar 30, 2022, 2:34:57 AM
to OWASP ZAP Developer Group
Yes, I'm able to import it via Firefox dev tools.
I have attached the HAR file.
demo.owasp-juice.shop_Archive [22-03-29 17-22-51].har

kingthorin+owaspzap

Mar 30, 2022, 1:37:00 PM
to OWASP ZAP Developer Group
Thanks for the sample.
One more question, did you create it with ZAP to start with? A browser? Another tool?

kingthorin+owaspzap

Mar 30, 2022, 2:46:44 PM
to OWASP ZAP Developer Group
Oh disregard, I see the content says it was created with Firefox :)

kingthorin+owaspzap

Mar 30, 2022, 7:28:21 PM
to OWASP ZAP Developer Group
I found the problem. Amazingly it's Firefox.

Firefox claims that the content is encoded, but then doesn't actually save it encoded:
          "content": {
            "mimeType": "application/vnd.mozilla.json.view; charset=utf-8",
            "size": 18755,
            "encoding": "base64",
            "text": "{\"config\":{\"server\":{\"port\":3000,\"basePath\":\"\"},...snip

It should be more like:
        "content" : {
          "size" : 18755,
          "compression" : 0,
          "mimeType" : "application/json; charset=utf-8",
          "encoding" : "base64",
          "text" : "eyJjb25maWciOnsic2VydmVyIjp7InBvcnQiOjMwMDAsImJhc2VQYXRoIjoiIn0sImFwcGxpY2F0aW9uIjp7ImRvb...snip
        },
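
A pre-import check for the mismatch described in the post above, as an added example that is not part of the original thread or of ZAP: it flags HAR response bodies that declare "encoding": "base64" but whose text is not valid base64, and can re-encode them in place. The sample HAR, its URL and the function names (`find_mislabelled`, `repair`) are constructed for illustration.

```python
import base64

# Constructed sample body and URL (not taken from the attached HAR files).
BODY = '{"config":{"server":{"port":3000,"basePath":""}}}'
URL = "https://example.test/config"

def sample_har():
    """Entry 0 mimics the mislabelled export; entry 1 is encoded as declared."""
    def entry(text):
        content = {"mimeType": "application/json; charset=utf-8",
                   "size": len(BODY), "encoding": "base64", "text": text}
        return {"request": {"url": URL}, "response": {"content": content}}
    encoded = base64.b64encode(BODY.encode("utf-8")).decode("ascii")
    return {"log": {"entries": [entry(BODY), entry(encoded)]}}

def is_base64(text):
    """Strict check: anything outside the base64 alphabet or badly padded fails."""
    try:
        base64.b64decode(text, validate=True)
        return True
    except ValueError:  # binascii.Error is a ValueError subclass
        return False

def find_mislabelled(har):
    """Return (index, url) of entries declaring base64 whose text is not base64.
    Plain text that happens to be valid base64 cannot be told apart and is skipped."""
    hits = []
    for i, e in enumerate(har.get("log", {}).get("entries", [])):
        content = e.get("response", {}).get("content", {})
        text = content.get("text")
        if content.get("encoding") == "base64" and isinstance(text, str) and not is_base64(text):
            hits.append((i, e.get("request", {}).get("url", "")))
    return hits

def repair(har):
    """Re-encode mislabelled bodies in place so the declared encoding holds."""
    hits = find_mislabelled(har)
    for i, _ in hits:
        content = har["log"]["entries"][i]["response"]["content"]
        content["text"] = base64.b64encode(content["text"].encode("utf-8")).decode("ascii")
    return len(hits)

if __name__ == "__main__":
    har = sample_har()
    print("mislabelled:", find_mislabelled(har))
    print("repaired:", repair(har), "remaining:", find_mislabelled(har))
```

To use it on a real export, load the file with `json.load` and pass the resulting dict to `find_mislabelled` before importing the file.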

kingthorin+owaspzap

Mar 30, 2022, 8:12:37 PM
to OWASP ZAP Developer Group
I've filed a bug if anyone feels the need to add details/examples.

thc...@gmail.com

Mar 31, 2022, 4:00:09 AM
to zaproxy...@googlegroups.com
The provided HAR file does not have an encoding field though. Seems to be another problem.

Best regards.

ZAP User

Mar 31, 2022, 4:22:17 AM
to OWASP ZAP Developer Group
I tried to generate the HAR file via Chrome and imported the same into ZAP.

I received the below error. Attached is the HAR file.

2022-03-31 13:47:29,740 [ZAP-Import-Har-2] ERROR UncaughtExceptionLogger - Exception in thread "ZAP-Import-Har-2"
java.lang.NullPointerException: null
    at edu.umass.cs.benchlab.har.HarCustomFields.addHarCustomFields(HarCustomFields.java:122) ~[harlib-1.1.3.jar:?]
    at edu.umass.cs.benchlab.har.HarCustomFields.addHarCustomFields(HarCustomFields.java:130) ~[harlib-1.1.3.jar:?]
    at edu.umass.cs.benchlab.har.HarEntry.<init>(HarEntry.java:197) ~[harlib-1.1.3.jar:?]
    at edu.umass.cs.benchlab.har.HarEntries.<init>(HarEntries.java:86) ~[harlib-1.1.3.jar:?]
    at edu.umass.cs.benchlab.har.HarLog.<init>(HarLog.java:131) ~[harlib-1.1.3.jar:?]
    at edu.umass.cs.benchlab.har.tools.HarFileReader.readHarFile(HarFileReader.java:112) ~[harlib-1.1.3.jar:?]
    at edu.umass.cs.benchlab.har.tools.HarFileReader.readHarFile(HarFileReader.java:87) ~[harlib-1.1.3.jar:?]
    at org.zaproxy.addon.exim.har.MenuImportHar$1.run(MenuImportHar.java:70) ~[?:?]

demo.owasp-juice.shop.har

ZAP User

Mar 31, 2022, 9:32:00 AM
to OWASP ZAP Developer Group
ZAP Team -

Also, in the interim I would like to ask if there is any suggestion for my situation below...

#1) I'm working in a controlled environment where my browsers are managed by the organization and I cannot modify the proxy to route the traffic to ZAP.
#2) As a workaround, I thought to capture the requests by generating HAR and importing it into ZAP. As we face issues with the HAR import, this option is ruled out.

Is there any way we can instruct the browser traffic to be captured in ZAP other than options 1 & 2?

Thanks in advance!



kingthorin+owaspzap

Mar 31, 2022, 3:52:38 PM
to OWASP ZAP Developer Group
If the underlying library (harlib) is rejecting the input there isn't much we can do. I'll do some fiddling with it over the next few days and see if there's something we can work around or if we can reach out with specific examples for support/updates.

thc202 good catch on that being missing in the original set.

As for other proxying options.
1) Can you launch a browser from within ZAP?
2) In many modern Operating Systems you can set environment variables for proxy.
3) Can you run a VM in which you can control things?

Kevin W. Wall

Mar 31, 2022, 5:19:29 PM
to zaproxy...@googlegroups.com
On Thu, Mar 31, 2022, 3:52 PM kingthorin+owaspzap <kingt...@gmail.com> wrote:

As for other proxying options.
1) Can you launch a browser from within ZAP?
2) In many modern Operating Systems you can set environment variables for proxy.
3) Can you run a VM in which you can control things?

Or, if you have local admin privileges on your company computer, you can try to use TCP port forwarding and forward destination ports 80 and/or 443 to whatever port you have ZAP listening on. Just be sure to undo it afterwards.

-kevin


kingthorin+owaspzap

Apr 7, 2022, 8:03:36 AM
to OWASP ZAP Developer Group
Quick update on this. I haven't forgotten about it. I unfortunately haven't had a chance to do any testing yet, but I do still plan to.
The Firefox issue I reported has been validated and accepted.

ZAP User

Apr 7, 2022, 11:17:49 AM
to OWASP ZAP Developer Group
Thanks for the update @kingthorin.

kingthorin+owaspzap

Apr 18, 2022, 4:55:17 PM
to OWASP ZAP Developer Group
FYI I've reached out to the harlib author via email.