How do you disable Wappalyzer in Docker scans?


Ni30 Work

Jan 22, 2024, 3:26:54 AM
to ZAP User Group
So I'm doing a docker full scan, and my scan seems to be stuck at active scan 18%.
I'm worried that Wappalyzer might be the issue because in the logs, I can only see Wappalyzer logs.
So I was thinking about disabling it in the scan with the config file. But I can't find the plugin ID for it.
Here is a part of the logs in zap.log.

2024-01-22 07:22:19,182 [ZAP-PassiveScan-1] WARN PassiveScanTask - Passive Scan rule Wappalyzer Scanner (Tech Detection) took 150 seconds to scan text/html; charset=utf-8 95343
2024-01-22 07:23:30,550 [ZAP-PassiveScan-2] WARN PassiveScanTask - Passive Scan rule Wappalyzer Scanner (Tech Detection) took 140 seconds to scan loki%%26ol; charset=utf-8 95764
2024-01-22 07:24:50,199 [ZAP-PassiveScan-1] WARN PassiveScanTask - Passive Scan rule Wappalyzer Scanner (Tech Detection) took 143 seconds to scan pdate_email&original_lead_update_phone&project=DM227730&update_scancode text/html; charset=utf-8 95623
2024-01-22 07:26:02,982 [ZAP-PassiveScan-2] WARN PassiveScanTask - Passive Scan rule Wappalyzer Scanner (Tech Detection) took 148 seconds to scan 95505
2024-01-22 07:27:22,338 [ZAP-PassiveScan-1] WARN PassiveScanTask - Passive Scan rule Wappalyzer Scanner (Tech Detection) took 147 seconds to scan eria=b%27project%3DDM227730%27&search_criteria_name=ZAP text/html; charset=utf-8 95607
2024-01-22 07:28:41,983 [ZAP-PassiveScan-2] WARN PassiveScanTask - Passive Scan rule Wappalyzer Scanner (Tech Detection) took 149 seconds to scan me=ZAP text/html; charset=utf-8 95558
2024-01-22 07:29:57,138 [ZAP-PassiveScan-1] WARN PassiveScanTask - Passive Scan rule Wappalyzer Scanner (Tech Detection) took 150 seconds to scan ; charset=utf-8 95542
2024-01-22 07:31:08,555 [ZAP-PassiveScan-2] WARN PassiveScanTask - Passive Scan rule Wappalyzer Scanner (Tech Detection) took 142 seconds to scan charset=utf-8 95440
2024-01-22 07:31:24,931 [ZAP-IO-Server-1-123] INFO ZapHttpRequestRetryExec - Recoverable I/O exception (org.apache.hc.core5.http.NoHttpResponseException) caught when processing request to {s}->
2024-01-22 07:32:20,185 [ZAP-PassiveScan-1] WARN PassiveScanTask - Passive Scan rule Wappalyzer Scanner (Tech Detection) took 139 seconds to scan 62-5862B2A32069%26issue_org%3DZAP%26issue_scancode%3DZAP%26lead_requestor_id%3D9E664D5C-DAE8-44FA-901A-A1DBA4E4FC06%26loki%3DNvJYQNqxfAs4VamYSfbUBMxHgTKFBE3aREOqJ9UgoNoC1opS64ZQLGOeceCGsPmC%26notes%26project%3DDM227730%27&search_criteria_name=ZAP text/html; charset=utf-8 95798
2024-01-22 07:33:34,817 [ZAP-PassiveScan-2] WARN PassiveScanTask - Passive Scan rule Wappalyzer Scanner (Tech Detection) took 142 seconds to scan
2024-01-22 07:35:02,878 [ZAP-PassiveScan-1] WARN PassiveScanTask - Passive Scan rule Wappalyzer Scanner (Tech Detection) took 150 seconds to scan ext/html; charset=utf-8 95550
2024-01-22 07:35:51,398 [ZAP-PassiveScan-2] WARN PassiveScanTask - Passive Scan rule Wappalyzer Scanner (Tech Detection) took 132 seconds to scan eria=b%27project%3DDM224400%27&search_criteria_name=ZAP text/html; charset=utf-8 90603

The zap.log file is flooded with messages like that. Does this look like the Wappalyzer is causing the scan to run indefinitely?
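
An added example, not part of the thread or of ZAP itself: a Python summary of the slow passive-rule warnings in the zap.log format quoted above, reporting the time spent per rule and, per passive-scan thread, the fraction of the observed window those warnings account for. The sample lines are constructed with placeholder URLs, and the function name `slow_rules` is hypothetical; it assumes each warning is written when the rule finishes.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample in the zap.log format quoted in the thread; URLs are placeholders.
_W = "WARN PassiveScanTask - Passive Scan rule Wappalyzer Scanner (Tech Detection) took"
_T = "text/html; charset=utf-8"
SAMPLE_LOG = f"""\
2024-01-22 07:22:19,182 [ZAP-PassiveScan-1] {_W} 150 seconds to scan https://target.example/a {_T} 95343
2024-01-22 07:23:30,550 [ZAP-PassiveScan-2] {_W} 140 seconds to scan https://target.example/b {_T} 95764
2024-01-22 07:24:50,199 [ZAP-PassiveScan-1] {_W} 143 seconds to scan https://target.example/c {_T} 95623
2024-01-22 07:26:02,982 [ZAP-PassiveScan-2] {_W} 148 seconds to scan https://target.example/d {_T} 95505
2024-01-22 07:27:22,338 [ZAP-PassiveScan-1] {_W} 147 seconds to scan https://target.example/e {_T} 95607
2024-01-22 07:31:24,931 [ZAP-IO-Server-1-123] INFO ZapHttpRequestRetryExec - Recoverable I/O exception
"""

SLOW_RE = re.compile(
    r"^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}),\d+ \[([^\]]+)\] WARN\s+PassiveScanTask"
    r" - Passive Scan rule (.+?) took (\d+) seconds to scan"
)

def slow_rules(log_text):
    """Return ({rule: stats}, {thread: busy_ratio}) for slow passive-scan warnings."""
    rules = defaultdict(lambda: {"hits": 0, "total_s": 0, "max_s": 0})
    threads = defaultdict(list)  # thread name -> [(time warning was logged, seconds)]
    for line in log_text.splitlines():
        m = SLOW_RE.match(line)
        if not m:
            continue  # other log lines (I/O retries, INFO messages) are ignored
        logged = datetime.strptime(m.group(1), "%Y-%m-%d %H:%M:%S")
        thread, rule, secs = m.group(2), m.group(3), int(m.group(4))
        stats = rules[rule]
        stats["hits"] += 1
        stats["total_s"] += secs
        stats["max_s"] = max(stats["max_s"], secs)
        threads[thread].append((logged, secs))
    busy = {}
    for thread, events in threads.items():
        events.sort()
        # Assumption: the warning is written when the rule finishes, so the
        # observed window begins `secs` before the first warning on the thread.
        window = (events[-1][0] - events[0][0]).total_seconds() + events[0][1]
        busy[thread] = round(sum(s for _, s in events) / window, 2)
    return dict(rules), busy

if __name__ == "__main__":
    rules, busy = slow_rules(SAMPLE_LOG)
    for rule, stats in rules.items():
        print(rule, stats)
    print(busy)  # a ratio near 1.0 means the thread did little else in that window
```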

Simon Bennetts

Jan 22, 2024, 4:30:38 AM
to ZAP User Group
Even though it uses the passive scan infrastructure it doesn't actually raise alerts, which is why it's not listed on https://www.zaproxy.org/docs/alerts/
It does look like it's taking a while, but Wappalyzer doesn't make any requests of its own, it just analyses requests made by the other tools.

Can you tell from the logs if the spiders actually finished and that the active scan has started?

Cheers,

Simon

Ni30 Work

Jan 22, 2024, 7:25:24 PM
to ZAP User Group
Hi Simon,

Yes, the active scan has started; it was at 16%, where it gets stuck. After running overnight, it reached up to 18% but it is still going on.
But in zap.log, I can still see the Wappalyzer doing its thing.

Anyways, for future reference as well, is there some way we can disable Wappalyzer from the scans?
I couldn't find any way to do that yet on the docker scans.

Thanks,
Nitish

thc...@gmail.com

Jan 23, 2024, 2:42:56 AM
to zaprox...@googlegroups.com
Hi,

Start ZAP with:
-config wappalyzer.enabled=false

Best regards.

Ni30

Jan 28, 2024, 8:42:46 PM
to ZAP User Group
Oh wow, that helps a lot. Thanks for sharing this.

Also, for my reference and anyone else's,
here is how you can find any config options you set in ZAP Desktop.

https://www.zaproxy.org/faq/how-do-you-find-out-what-key-to-use-to-set-a-config-value-on-the-command-line/

Thanks :) 
