Connection Refused for a app in docker

[Mohit Mahesh Vaswani]

I have a react app hosted on localhost:5000 in the network zapnet
when i run: docker run -p 8090:8090 --net=zapnet -t owasp/zap2docker-stable zap-baseline.py -t http://localhost:5000

i get:
Using the Automation Framework
Automation plan failures:
        Job spider failed to access URL http://localhost:5000 : Connect to http://localhost:5000 [localhost/127.0.0.1] failed: Connection refused (Connection refused)
I saw the documentation where they suggested:
docker run -t softwaresecurityproject/zap-weekly zap-baseline.py -t http://$(ip -f inet -o addr show docker0 | awk '{print $4}' | cut -d '/' -f 1):5000

but i am getting:
Option "-f" is unknown, try "ip help".
Using the Automation Framework
Automation plan failures:
        Job spider failed to access URL http://:5000 : java.lang.IllegalArgumentException: Host name must not be empty
2024-03-07 04:58:28,694 Failed to access summary file /home/zap/zap_out.json

Can anyone please help me with steps/commands?

[Simon Bennetts]

As per https://www.zaproxy.org/docs/docker/about/#scanning-an-app-running-on-the-host-os IP addresses like localhost and 127.0.0.1 cannot be used to access an app running on the host OS from within a docker container.

The "$(ip -f inet -o addr show docker0 | awk '{print $4}' | cut -d '/' -f 1)" bit of magic is supposed to get arounfd that, but is obviously failing in your case.

What OS are you using?

It would be worth searching online for the right way to get the IP address of a docker image running on the OS you are using.

Cheers,

Simon

[Mohit Mahesh Vaswani]

I am working on Mac, can you help me with the command?

[thc...@gmail.com]

This might help:
https://docs.docker.com/desktop/networking/#i-want-to-connect-from-a-container-to-a-service-on-the-host

Best regards.