ZAP responds with "IO error in sending request" when testing the D-Link backdoor.

Gye-Ok Jung

Dec 1, 2014, 9:15:03 AM
to zaprox...@googlegroups.com
I'm a pentester from Korea.

My ZAP responds with an "IO error in sending request" message when I tested the D-Link backdoor.

Refers at 


In the Resend dialog, whenever I replace the string of the User-Agent: field with "", ZAP pops up the message "IO error in sending request".

Does anybody know about this situation??

Or

Is there any purpose in blocking this backdoor attack string "mlset_roodkcableoj28840ybtide"??

Simon Bennetts

Dec 4, 2014, 5:59:54 AM
to zaprox...@googlegroups.com
That's strange, I've just tried setting the User-Agent field to that value in the Resend dialog and it worked fine.
What version of ZAP are you using?
Are there any errors in the zap.log file (which will be in the default directory unless you've changed it)?

Cheers,

Simon

Gye-Ok Jung

Dec 6, 2014, 7:39:13 PM
to zaprox...@googlegroups.com
I'm using ver 2.3.1 on my MacBook Pro (Retina) with OS X 10.8.5.

The following is my ZAP.LOG.

2014-12-07 09:30:48,950 WARN  ManualRequestEditorDialog - IO error in sending request.
java.io.IOException: IO error in sending request.
at org.parosproxy.paros.extension.manualrequest.http.impl.HttpPanelSender.handleSendMessage(Unknown Source)
at org.parosproxy.paros.extension.manualrequest.ManualRequestEditorDialog$3.run(Unknown Source)
at java.lang.Thread.run(Thread.java:744)
Caused by: org.apache.commons.httpclient.ProtocolException: The server 10.1.1.100 failed to respond with a valid HTTP response
at org.apache.commons.httpclient.HttpMethodBase.readStatusLine(HttpMethodBase.java:1987)
at org.zaproxy.zap.ZapGetMethod.readResponse(Unknown Source)
at org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1098)
at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398)
at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:323)
at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source)
at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source)
at org.parosproxy.paros.network.HttpSender.send(Unknown Source)
at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source)
at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source)
... 3 more
2014-12-07 09:33:17,810 WARN  ManualRequestEditorDialog - IO error in sending request.
java.io.IOException: IO error in sending request.
at org.parosproxy.paros.extension.manualrequest.http.impl.HttpPanelSender.handleSendMessage(Unknown Source)
at org.parosproxy.paros.extension.manualrequest.ManualRequestEditorDialog$3.run(Unknown Source)
at java.lang.Thread.run(Thread.java:744)
Caused by: org.apache.commons.httpclient.ProtocolException: The server 10.1.1.100 failed to respond with a valid HTTP response
at org.apache.commons.httpclient.HttpMethodBase.readStatusLine(HttpMethodBase.java:1987)
at org.zaproxy.zap.ZapGetMethod.readResponse(Unknown Source)
at org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1098)
at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398)
at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:323)
at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source)
at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source)
at org.parosproxy.paros.network.HttpSender.send(Unknown Source)
at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source)
at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source)
... 3 more

 

On Thursday, December 4, 2014 at 7:59:54 PM UTC+9, Simon Bennetts wrote:

Gye-Ok Jung

Dec 7, 2014, 8:14:24 AM
to zaprox...@googlegroups.com
After reviewing the packets, I found the reason for this error!
The reason was not the packet sending "xmlset_roodkcableoj28840ybtide", but that the response packet has no HTTP header!!
The D-Link router with the backdoor responds with packets that have no HTTP headers.

Like the following.
---------------------------------------------------------------------------------------
if (sync=="") sync="1";

if (sync=="1")
{
    var d=new Date();
    var str=new String("Home/h_wizard.xgi?");
    
    str+=""+"setPath=/runtime/time/";
    date1=(d.getMonth()+1)+"/"+d.getDate()+"/"+d.getFullYear();
    str+="&"+"date="+date1;
    time1=d.getHours()+":"+d.getMinutes()+":"+d.getSeconds();
    str+="&"+"time="+time1;
    str+="&"+"endSetPath=1";
    str+="&"+"CMT=1";
    str+="&"+"EXE=TimeZone";
    self.location.href=str;
}
else
{
   self.location.href="Home/h_wizard.htm";
}
</script>
</head>
<body bgcolor="#FFFFFF" text="#000000">
</body>
</noframes>
</html>
----------------------------------------------------------------------- 

The problem is that ZAP cannot process an HTTP response with no headers, BUT Burp Suite can.

Is there anybody who can solve this problem??


On Thursday, December 4, 2014 at 7:59:54 PM UTC+9, Simon Bennetts wrote:
That's strange, I've just tried setting the User-Agent field to that value in the Resend dialog and it worked fine.

kingthorin+owaspzap

Dec 7, 2014, 11:08:01 AM
to zaprox...@googlegroups.com
Unfortunately there's currently no way around this (that I'm aware of).

We're dependent upon Apache's HTTP client libraries for interacting with things; if the Apache client doesn't like the response, there isn't much we can do with it.
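
Added example, not part of the thread and not ZAP or Apache HttpClient code: the condition behind the `readStatusLine` exception in the log above (a reply with no status line or headers) can be confirmed by reading the raw bytes from a socket and classifying them. The local stub server, the sample payloads and the classification labels are constructed for illustration.

```python
import re
import socket
import threading

# Status line as a strict client expects it, e.g. "HTTP/1.1 200 OK".
STATUS_LINE = re.compile(rb"^HTTP/\d\.\d \d{3}(?: [^\r\n]*)?\r?\n")

def classify_response(raw: bytes) -> str:
    """Say how a strict HTTP client would see the raw bytes of a response."""
    if not raw:
        return "empty"                      # connection closed with no data
    if STATUS_LINE.match(raw):
        # Headers end at the first blank line; without it the reply is cut short.
        return "valid" if re.search(rb"\r?\n\r?\n", raw) else "truncated-headers"
    return "headerless"                     # body only, no status line or headers

def fetch_raw(host: str, port: int, request: bytes, timeout: float = 3.0) -> bytes:
    """Send a request over a plain socket and return every byte until close."""
    chunks = []
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(request)
        while True:
            data = s.recv(4096)
            if not data:
                break
            chunks.append(data)
    return b"".join(chunks)

def serve_once(payload: bytes) -> int:
    """Constructed stand-in device: answer one connection with payload, then close."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    def handle():
        conn, _ = srv.accept()
        with conn:
            conn.recv(4096)                 # consume the request before replying
            conn.sendall(payload)
        srv.close()
    threading.Thread(target=handle, daemon=True).start()
    return srv.getsockname()[1]

def demo(payload: bytes) -> str:
    """Serve payload locally, fetch it raw, and return its classification."""
    port = serve_once(payload)
    req = b"GET / HTTP/1.1\r\nHost: 127.0.0.1\r\nConnection: close\r\n\r\n"
    return classify_response(fetch_raw("127.0.0.1", port, req))

if __name__ == "__main__":
    print(demo(b"<html><body>no status line</body></html>"))   # constructed body
    print(demo(b"HTTP/1.1 200 OK\r\nContent-Length: 2\r\n\r\nok"))
```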