zap-full-scan.py not found when running Docker container

[Oliver M]

Hi,

I've been following the ZAP Docker User Guide (https://www.zaproxy.org/docs/docker/about/) to run ZAP in a container to scan a local API.

To the best of my knowledge I'm following the instructions but the scan is failing to start as it cannot execute zap-full-scan.py. So I hope someone can help. Thanks.

This is my problem on an Amazon Linux 2 EC2 instance:

$ docker run -d --name=api -p 8050:8050 api
$ curl http://127.0.0.1:8050/request -o out.json

   % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  282k    0  282k    0     0   366k      0 --:--:-- --:--:-- --:--:--  366k

$ docker run -d --name=zap --network=host -v $PWD:/zap -w /zap -t owasp/zap2docker-stable zap-full-scan.py -I -j -m 10 -T 20 -t http://127.0.0.1:8050 -r zap-full-scan.html

5cd33bc112718809231628471a7b52b6a76d645ae9d5f046801b8c1f9104892c

docker: Error response from daemon: OCI runtime create failed: container_linux.go:380: starting container process caused: exec: "zap-full-scan.py": executable file not found in $PATH: unknown.

$ docker ps -a -f name=zap
CONTAINER ID   IMAGE                     COMMAND                  CREATED          STATUS    PORTS     NAMES
5cd33bc11271   owasp/zap2docker-stable   "zap-full-scan.py -I…"   2 minutes ago   Created             zap

[Simon Bennetts]

Hiya,

The problem is "-v $PWD:/zap"

You are mapping the /zap directory to your $PWD .. but its the /zap dir that contains the scripts :)

You should be using: "-v $PWD:/zap/wrk:rw" as per https://www.zaproxy.org/docs/docker/full-scan/

Cheers,

Simon

[Oliver M]

Oops! With the correct volume it now scans.

Thank you Simon!