different scan results in the report
28 views
Skip to first unread message
Gary Guo (Gary Guo)
Mar 29, 2023, 11:38:24 PM3/29/23
to OWASP ZAP User Group
Hi team,
I ran activescan on the same website target with desktop GUI AF and then ran docker with the yaml file saved from the desktop AF (shows in pic3), the image version is the latest. But I got two different reports , the report generated from the desktop GUI AF is great, as the following pic1 shows, but the report generated from the docker got nothing , as the following pic2 shows.
I think the add-ons in docker version are all latest, any clue for the totally difference of the report ?
Simon Bennetts
Mar 30, 2023, 5:16:08 AM3/30/23
to OWASP ZAP User Group
Have you checked to make sure you can access the target from the docker container?
Cheers,
Simon
Gary Guo (Gary Guo)
Mar 30, 2023, 11:28:22 PM3/30/23
to OWASP ZAP User Group
I can access the target from the docker container.
Gary Guo (Gary Guo)
Mar 31, 2023, 2:57:09 AM3/31/23
to OWASP ZAP User Group
By the way , I checked the logs in zap.log , then get the following information , which shows that Job activeScan completed in 0s, it seemed something wrong with the activescan , any idea about it ?
2023-03-31 06:35:35,035 [main ] INFO CommandLine - Job activeScan started
2023-03-31 06:35:35,052 [main ] INFO Scanner - scanner started
2023-03-31 06:35:35,053 [Thread-4] INFO Scanner - scanner completed in 0s
2023-03-31 06:35:35,322 [ZAP-telemetry-start] ERROR ExtensionCallHome - tel.zaproxy.org: Name or service not known
org.zaproxy.addon.network.common.ZapUnknownHostException: tel.zaproxy.org: Name or service not known
at org.zaproxy.addon.network.internal.client.apachev5.HttpSenderApache.sendImpl(HttpSenderApache.java:368) ~[?:?]
at org.zaproxy.addon.network.internal.client.apachev5.HttpSenderApache.sendImpl(HttpSenderApache.java:116) ~[?:?]
at org.zaproxy.addon.network.internal.client.BaseHttpSender.sendAuthenticated(BaseHttpSender.java:363) ~[?:?]
at org.zaproxy.addon.network.internal.client.BaseHttpSender.sendNoRedirections(BaseHttpSender.java:331) ~[?:?]
at org.zaproxy.addon.network.internal.client.BaseHttpSender.send(BaseHttpSender.java:287) ~[?:?]
at org.zaproxy.addon.network.internal.client.BaseHttpSender.sendAndReceive(BaseHttpSender.java:258) ~[?:?]
at org.zaproxy.addon.network.internal.client.BaseHttpSender.sendAndReceive(BaseHttpSender.java:63) ~[?:?]
at org.zaproxy.addon.network.internal.client.CloseableHttpSenderImpl.sendAndReceive(CloseableHttpSenderImpl.java:47) ~[?:?]
at org.parosproxy.paros.network.HttpSender.sendImpl(HttpSender.java:504) ~[zap-D-2023-03-27.jar:D-2023-03-27]
at org.parosproxy.paros.network.HttpSender.sendAndReceive(HttpSender.java:497) ~[zap-D-2023-03-27.jar:D-2023-03-27]
at org.zaproxy.addon.callhome.ExtensionCallHome.sendServiceRequest(ExtensionCallHome.java:197) ~[?:?]
at org.zaproxy.addon.callhome.ExtensionCallHome.lambda$uploadTelemetryStartData$5(ExtensionCallHome.java:325) ~[?:?]
at java.lang.Thread.run(Thread.java:829) ~[?:?]
2023-03-31 06:35:35,555 [main ] INFO CommandLine - Job activeScan finished
2023-03-31 06:35:35,052 [main ] INFO Scanner - scanner started
2023-03-31 06:35:35,053 [Thread-4] INFO Scanner - scanner completed in 0s
2023-03-31 06:35:35,322 [ZAP-telemetry-start] ERROR ExtensionCallHome - tel.zaproxy.org: Name or service not known
org.zaproxy.addon.network.common.ZapUnknownHostException: tel.zaproxy.org: Name or service not known
at org.zaproxy.addon.network.internal.client.apachev5.HttpSenderApache.sendImpl(HttpSenderApache.java:368) ~[?:?]
at org.zaproxy.addon.network.internal.client.apachev5.HttpSenderApache.sendImpl(HttpSenderApache.java:116) ~[?:?]
at org.zaproxy.addon.network.internal.client.BaseHttpSender.sendAuthenticated(BaseHttpSender.java:363) ~[?:?]
at org.zaproxy.addon.network.internal.client.BaseHttpSender.sendNoRedirections(BaseHttpSender.java:331) ~[?:?]
at org.zaproxy.addon.network.internal.client.BaseHttpSender.send(BaseHttpSender.java:287) ~[?:?]
at org.zaproxy.addon.network.internal.client.BaseHttpSender.sendAndReceive(BaseHttpSender.java:258) ~[?:?]
at org.zaproxy.addon.network.internal.client.BaseHttpSender.sendAndReceive(BaseHttpSender.java:63) ~[?:?]
at org.zaproxy.addon.network.internal.client.CloseableHttpSenderImpl.sendAndReceive(CloseableHttpSenderImpl.java:47) ~[?:?]
at org.parosproxy.paros.network.HttpSender.sendImpl(HttpSender.java:504) ~[zap-D-2023-03-27.jar:D-2023-03-27]
at org.parosproxy.paros.network.HttpSender.sendAndReceive(HttpSender.java:497) ~[zap-D-2023-03-27.jar:D-2023-03-27]
at org.zaproxy.addon.callhome.ExtensionCallHome.sendServiceRequest(ExtensionCallHome.java:197) ~[?:?]
at org.zaproxy.addon.callhome.ExtensionCallHome.lambda$uploadTelemetryStartData$5(ExtensionCallHome.java:325) ~[?:?]
at java.lang.Thread.run(Thread.java:829) ~[?:?]
2023-03-31 06:35:35,555 [main ] INFO CommandLine - Job activeScan finished
在2023年3月30日星期四 UTC+8 17:16:08<psi...@gmail.com> 写道:
Reply all
Reply to author
Forward
Message has been deleted
0 new messages