Owasp zap Broken Pipeline
316 views
Skip to first unread message
Joshua De Guzman
Oct 14, 2021, 9:08:58 PM10/14/21
to OWASP ZAP User Group
I'm scratching my head as what it cause. I have a owasp zap api instance deployed in AWS, t2.micro. it works fine when it try to scan an url. but for some time the owasp-zap fails but the service are still running.
After some time, I'm Getting this error
WARN org.parosproxy.paros.core.proxy.ProxyThread - Failed to write/forward the HTTP response to the client: java.net.SocketException: Broken pipe (Write failed)
Is theere anyway to resolve this issue? am I the only one encountering this? Thank you
After some time, I'm Getting this error
WARN org.parosproxy.paros.core.proxy.ProxyThread - Failed to write/forward the HTTP response to the client: java.net.SocketException: Broken pipe (Write failed)
Is theere anyway to resolve this issue? am I the only one encountering this? Thank you
Joshua De Guzman
Oct 14, 2021, 9:28:56 PM10/14/21
to OWASP ZAP User Group
#!/bin/bash
### Install zaproxy
curl -Ls https://github.com/zaproxy/zaproxy/releases/download/v2.10.0/ZAP_2.10.0_Linux.tar.gz > /tmp/ZAP_2.10.0_Linux.tar.gz
cd /tmp
tar -xzvf ZAP_2.10.0_Linux.tar.gz
sudo mv /tmp/ZAP_2.10.0/ /opt/zaproxy
### Install Java
sudo yum update
sudo amazon-linux-extras enable corretto8 -y
sudo yum install java-1.8.0-amazon-corretto -y
I used the following command to install the owasp-zap headless
I used the following command to install the owasp-zap headless
Joshua De Guzman
Oct 14, 2021, 9:33:29 PM10/14/21
to OWASP ZAP User Group
[Unit]
Description=OWASP Zap Headless
After=multi-user.target
[Service]
Type=idle
ExecStart=/opt/zaproxy/zap.sh -daemon -host 0.0.0.0 -port 8080 -config api.addrs.addr.name=.* -config api.addrs.addr.regex=true -config api.key=$API_KEY -config proxy.behindnat=true
Restart=on-failure
[Install]
WantedBy=multi-user.target
now this I Configure it to the ec2
after that I run the following commands
now this I Configure it to the ec2
after that I run the following commands
sudo systemctl daemon-reload
sudo systemctl enable zaproxy.service
sudo systemctl start zaproxy.service
Simon Bennetts
Oct 15, 2021, 4:21:11 AM10/15/21
to OWASP ZAP User Group
That message doesnt mean that ZAP is broken, it just means that one of the requests that ZAP made failed.
Its a common occurance and can be safely ignored unless you are seeing other problems, in which case it _may_ be relevant.
Cheers,
Simon
Joshua De Guzman
Oct 16, 2021, 9:11:06 PM10/16/21
to OWASP ZAP User Group
but then when I access my zap api, it doesn't work. also I'm seeing a log that someone is using my zap headless api. is it possible as i already set my API key?
Simon Bennetts
Oct 18, 2021, 4:35:34 AM10/18/21
to OWASP ZAP User Group
Er, you are asking me??
Of course its possible that you have set your API key but only you can know or find that out :P
Reply all
Reply to author
Forward
0 new messages