ZAP locks up my PC every time I use it

litorismike

Jul 26, 2023, 2:39:05 AM
to OWASP ZAP User Group
It works well for the first ten minutes, give or take. Then, after I do updates or during the updates, my CPU jumps from around 20-30% to 95-98%; if I don't shut ZAP down quickly, my computer will lock up. It's a Ryzen 5 5600X and RTX 3070, so it's confusing me. It only happens with ZAP, and it persisted through 12 to 13. Sometimes it won't, though; I've had times where I go hours on it, then it just goes haywire. I've made sure I don't have a ton of tabs/processes open, and I watched the history and it wasn't flooding with requests. I noticed that most times I checked netstat during this, the PID for Java that ZAP is on had another port listening way far off from the 8080 range I use, sometimes on the same address, sometimes a different local one. I'm not sure if that's a normal thing if you download a handful of the extensions, or maybe related; I blocked connections to the port once and it didn't relieve it. I'm not sure how to address this, though. Any guidance on troubleshooting or maybe need a patch?

thc...@gmail.com

Jul 26, 2023, 3:19:47 AM
to zaprox...@googlegroups.com
Hi.

Which add-ons do you have installed? Wappalyzer would be a suspect of
high CPU usage. But more details would be needed to know what the actual
problem is.


ZAP starts the callback server on an ephemeral port:
https://www.zaproxy.org/docs/desktop/start/features/callbacks/

Best regards.

litorismike

Jul 26, 2023, 3:49:40 AM
to OWASP ZAP User Group
I have these ones:

alertFilters-release-17

ascanrules-release-56

authhelper-beta-0.9.0

automation-beta-0.30.0

bruteforce-beta-14

callhome-release-0.7.0

commonlib-release-1.15.0

database-alpha-0.2.0

diff-beta-13

directorylistv1-release-6

domxss-release-16

encoder-release-1.2.0

exim-beta-0.6.0

formhandler-beta-6.4.0

fuzz-beta-13.10.0

gettingStarted-release-15

graaljs-alpha-0.4.0

graphql-alpha-0.18.0

help-release-16

hud-beta-0.17.0

invoke-beta-13

network-beta-0.10.0

oast-beta-0.16.0

onlineMenu-release-11

openapi-beta-35

pscanrules-release-50

quickstart-release-38

replacer-release-13

reports-release-0.23.0

requester-beta-7.3.0

retest-alpha-0.6.0

retire-release-0.24.0

reveal-release-6

scripts-release-39

selenium-release-15.13.0

soap-beta-18

spiderAjax-release-23.15.0

spider-release-0.5.0

tips-beta-11

webdriverlinux-release-57

websocket-release-29

zest-beta-39

Whenever I reinstall, I just go through and install most of them. If I download them a few at a time, it won't lock up during updating; it's almost guaranteed if I click the update all button. It always does at some point, though, if I get past updating. It has happened tens of times within the past few weeks and I haven't found a direct cause, and I don't think I have Wappalyzer.

litorismike

Jul 26, 2023, 3:52:42 AM
to OWASP ZAP User Group
Just let me know what details would be helpful for you, thank you for the swift response.

thc...@gmail.com

Jul 26, 2023, 4:18:32 AM
to zaprox...@googlegroups.com
Latest version (2.13) should no longer have issues updating the add-ons,
2.12 could lead to some errors (but no UI hangs/blocks, a restart would
be required still).


Are you seeing update problems with 2.13? Worth noting that some updates
show dialogues/warns and you have to dismiss those to continue the updates.

Best regards.

thc...@gmail.com

Jul 26, 2023, 4:19:07 AM
to zaprox...@googlegroups.com
What OS are you using?

Thread dumps when you see slowdowns and hangs would help know what's
happening with ZAP internally.

Best regards.

litorismike

Jul 26, 2023, 4:33:23 AM
to OWASP ZAP User Group
I'm on Linux kali 6.1.0-kali9-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.27-1kali1 (2023-05-12) x86_64 GNU/Linux
is what the full uname is; it's the USB live boot. How would I do a thread dump for what you guys need? I didn't try updating them all at once, but yeah, near the end of the last updating I did, it locked up. Also, I meant to mention that when I grabbed the plugin list a bit ago, I noticed the files say they were last modified 1/1/1970, but I just installed 2.13 a few hours ago. It kept happening with 2.12 too: it would say the right date on install and first boot, then change to that pretty quickly. I got hacked pretty recently; they got into all my accounts and some of my friends' accounts and have my IP, as I did some stuff on Google Cloud that logged it, so I'm not sure if anything could be related to that, but I thought I should mention it.

thc...@gmail.com

Jul 27, 2023, 9:27:30 AM
to zaprox...@googlegroups.com
Could you try disabling the passive scan rule Session Management Response
Identified?

Maybe it's this issue:
https://github.com/zaproxy/zaproxy/issues/7957
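
The thread dumps requested earlier in the thread are most useful when paired with per-thread CPU figures, so the busy thread can be picked out of the dump. The script below is an added example, not part of the original posts or of ZAP's own tooling; it assumes a JDK providing `jstack` is installed, and the function names and sample data are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example: map the hottest OS thread of the ZAP JVM to its entry in a thread dump.

# Print the TID with the highest %CPU from "TID %CPU" lines on stdin,
# the format produced by: ps -L -o tid=,pcpu= -p PID
# (ps reports CPU averaged over the thread's lifetime, so sample while the spike lasts).
hottest_tid() {
  LC_ALL=C sort -k2,2nr | awk 'NR == 1 { print $1 }'
}

# Print the name of the thread whose native id (nid) matches TID ($1) in the
# dump on stdin. The hex form and the plain decimal form are both accepted.
thread_name_for_tid() {
  local hex
  hex=$(printf '0x%x' "$1")
  awk -v hex="nid=$hex" -v dec="nid=$1" '
    /^"/ { for (i = 1; i <= NF; i++)
             if ($i == hex || $i == dec) { split($0, q, "\""); print q[2]; exit } }'
}

# Live use: snapshot PID ($1) into directory ($2) and name the busiest thread.
snapshot() {
  local pid=$1 dir=$2 ts tid
  ts=$(date +%Y%m%d-%H%M%S)
  ps -L -o tid=,pcpu= -p "$pid" > "$dir/cpu-$ts.txt"
  jstack -l "$pid" > "$dir/dump-$ts.txt"
  tid=$(hottest_tid < "$dir/cpu-$ts.txt")
  echo "hottest thread: $tid $(thread_name_for_tid "$tid" < "$dir/dump-$ts.txt")"
}

# Constructed sample data (not from a real ZAP run).
SAMPLE_CPU='  4101  0.3
  4123 96.5
  4130  1.2'
SAMPLE_DUMP='"example-ui" #1 prio=5 os_prio=0 tid=0x00007f0000000001 nid=0x1005 waiting on condition
   java.lang.Thread.State: TIMED_WAITING
"example-scanner" #31 daemon prio=5 os_prio=0 tid=0x00007f0000000002 nid=0x101b runnable
   java.lang.Thread.State: RUNNABLE
"example-net" #40 daemon prio=5 os_prio=0 tid=0x00007f0000000003 nid=0x1022 runnable'
```

Run `snapshot <PID> /tmp` while the CPU is pegged, using the java PID seen in netstat. If `jstack` is not available, `kill -3 <PID>` makes the JVM print the same dump on its standard output when ZAP was started from a terminal.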