Accessing vulnerable parameter in HTTPSender script


Imran Bagwan

Dec 20, 2024, 11:41:37 AM
to ZAP Developer Group

Hello,

Good day!

I have a scenario where I am capturing a specific error message returned by a web application. The response code is 200 OK when ZAP sends malicious data to an HTTP parameter. For example, the request might look like:
?param1=somevalidData&param2=<zapData>,
which causes the application to return a default error. However, ZAP does not capture this as an error for ZAP, as it does not register it as such.

I would like to capture the value of param2=<zapData> from the request body. Is there any way to capture this parameter?

I also have POST multipart/form-data requests, and I want to capture the parameter there as well.

The problem I am encountering is that I create an alert when this specific error occurs, but multiple parameters can trigger the same error. However, when I raise the alert, only one is created, as I am not sending any unique data. To address this, I attempted to set the request body as Evidence. As a result, I now have a long list because ZAP iterates over the same parameter with multiple values.

Thank you!
Imran

psiinon

Dec 20, 2024, 11:44:17 AM
to ZAP Developer Group
Hiya,

This is about how to use ZAP rather than how to work on ZAP code, so please ask on the User Group https://groups.google.com/g/zaproxy-users

Cheers,

Simon