Python connection refused error

1,476 views
Skip to first unread message

Architha

unread,
Dec 30, 2019, 1:11:34 PM12/30/19
to OWASP ZAP User Group
Hi,

I'm using the OWASP ZAP Docker Image(owasp/zap2docker-stable) and running an authenticated scan by creating a python container, i don't have any issues with pulling the zap and building the python container but when i run the following command to execute scan I'm receiving connection refused error at zap.core.new_session.


Command: docker run -i --rm --name dustin -v zapshare:/usr/src/app -w /usr/src/app python3:zapv2 python authscan.py


Error:  Traceback (most recent call list) File "usr/local/lib/python3.8/site-packages/urllib3/connection.py", line 156, in _new_conn conn = connection.create_connection(
File "usr/local/lib/python3.8/site-packages/urllib3/util/connection.py", line 84, in create_connection
raise err
File "usr/local/lib/python3.8/site-packages/urllib3/util/connection.py", line 74, in create_connection sock.connect(sa)
ConnectionrefusedError: [Errno 111] Connection refused


Docker File(Python)

Dockerfile:
FROM python:3
WORKDIR /usr/src/app COPY requirements.txt ./
RUN pip install --no-cache-dir -r requirements.txt
COPY .  .
CMD ["echo", "Hello Python3!"]

Can anyone suggest how to overcome this error.

Thanks
Archi

kingthorin+owaspzap

unread,
Dec 30, 2019, 1:41:30 PM12/30/19
to OWASP ZAP User Group
https://github.com/zaproxy/zaproxy/wiki/FAQremote

Architha

unread,
Dec 30, 2019, 3:45:44 PM12/30/19
to OWASP ZAP User Group
Hi,

I have gone through the command and everything looks as per the FAQremote, but still the same error.

Here's my command :

docker run -u zap -p 8080:8080 -i --restart always -v zapshare:/home/zap --name zappy owasp/zap2docker-stable zap.sh -daemon -host 0.0.0.0 -port 8080 -config api.addrs.addr.name=.* -config api.addrs.addr.regex=true -config api.key = test

docker run -i --rm --name dast -v zapshare:/usr/src/app -w /usr/src/app python3:zapv2 python authscan.py

localProxy = {"http":"http://172.18.0.2:8080/", "https":"https://172.18.0.2:8080/"}   -- Here 172.18.0.2 is the ip of the docker, i tried 0.0.0.0 but didn't work.

apiKey = 'test'

zap = ZAPv2(apikey=apiKey, proxies=localProxy)

Thanks
Archi

On Monday, December 30, 2019 at 1:41:30 PM UTC-5, kingthorin+owaspzap wrote:
https://github.com/zaproxy/zaproxy/wiki/FAQremote

kingthorin+owaspzap

unread,
Dec 30, 2019, 4:29:04 PM12/30/19
to OWASP ZAP User Group
Is there a FW on the docker host that’s blocking connectivity?

Architha

unread,
Dec 30, 2019, 5:08:34 PM12/30/19
to OWASP ZAP User Group
The host is an AWS Managed Image so i'm not sure about the Firewalls, when i run the baseline scan using the following command, the scan runs fine. So, i'm not sure why the connection fails in running the custom python script.

docker run -t owasp/zap2docker-stable zap-baseline.py -t https://demo-testapp.com

Architha

unread,
Dec 31, 2019, 12:58:41 PM12/31/19
to OWASP ZAP User Group
Hi,

I see INFO "unsafe SSL renegotiation disabled". Do you think that's the issue and how do i enable it while running in docker container.

Thanks
Archi
Reply all
Reply to author
Forward
0 new messages