Connection reset error after updating to 2.8

65 views
Skip to first unread message

rdans

unread,
Nov 5, 2019, 11:35:00 AM11/5/19
to OWASP ZAP User Group
Hi. Today I opened up ZAP 2.7 and started an automated scan on a site, which was progressing fine.

At some point i clicked on the check for updates and noticed a new version was available so aborted the scan and updated ZAP. Once 2.8 had finished downloading and installing I tried to start another scan but every time I try now I immediately get an error. I've pasted the error details below. Could someone please help me resolve this. Thanks in advance.


ZAP Error [java.net.SocketException]: Connection reset


Stack Trace:
java.net.SocketException: Connection reset
	at java.net.SocketInputStream.read(SocketInputStream.java:210)
	at java.net.SocketInputStream.read(SocketInputStream.java:141)
	at sun.security.ssl.InputRecord.readFully(InputRecord.java:465)
	at sun.security.ssl.InputRecord.read(InputRecord.java:503)
	at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:973)
	at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375)
	at sun.security.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:747)
	at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:123)
	at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:82)
	at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:140)
	at org.apache.commons.httpclient.HttpConnection.flushRequestOutputStream(HttpConnection.java:860)
	at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.flushRequestOutputStream(MultiThreadedHttpConnectionManager.java:1565)
	at org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2248)
	at org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1154)
	at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:462)
	at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:201)
	at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
	at org.parosproxy.paros.network.HttpSender.executeMethod(HttpSender.java:398)
	at org.parosproxy.paros.network.HttpSender.runMethod(HttpSender.java:633)
	at org.parosproxy.paros.network.HttpSender.send(HttpSender.java:589)
	at org.parosproxy.paros.network.HttpSender.sendAuthenticated(HttpSender.java:565)
	at org.parosproxy.paros.network.HttpSender.sendAuthenticated(HttpSender.java:553)
	at org.parosproxy.paros.network.HttpSender.sendAndReceive(HttpSender.java:458)
	at org.parosproxy.paros.network.HttpSender.sendAndReceive(HttpSender.java:428)
	at org.parosproxy.paros.core.proxy.ProxyThread.processHttp(ProxyThread.java:564)
	at org.parosproxy.paros.core.proxy.ProxyThread.run(ProxyThread.java:321)
	at java.lang.Thread.run(Thread.java:748)

Peter Hauschulz

unread,
Nov 6, 2019, 2:39:22 AM11/6/19
to OWASP ZAP User Group
what OS and java version are you using?

With ZAP 2.8 running, can you point a browser to it and successfully navigate pages and see traffic populating in ZAP?

thc...@gmail.com

unread,
Nov 6, 2019, 5:13:51 AM11/6/19
to zaprox...@googlegroups.com
Hi.

Do you have an outgoing proxy configured in ZAP?

Best regards.

rdans

unread,
Nov 6, 2019, 7:36:12 AM11/6/19
to OWASP ZAP User Group
Windows 10 and Java version 8 update 231. I just updated to this Java version now and tried again and I still get the same results as before.

I just tried proxying through ZAP in Edge and yes I managed to navigate to a website and saw the get requests populating in ZAP.

Peter Hauschulz

unread,
Nov 6, 2019, 7:51:42 AM11/6/19
to OWASP ZAP User Group
how are you initiating this scan? (also, which type of scan?)

If you pick a proper target in ZAP UI and start that scan (spider, active, etc..) what error pops up? What do you see?

Peter Hauschulz

unread,
Nov 6, 2019, 7:54:46 AM11/6/19
to OWASP ZAP User Group
The only error I remember seeing come up due to 2.8 specifically was that the default HUD settings didn't play well with http sites, so one thing you could try is going to Tools/Options/HUD and uncheck 'enable in ZAP desktop' or 'enable in daemon', but I'm not sure your problem description matches that pattern of issues....

Jon Godden

unread,
Mar 30, 2023, 4:01:07 AM3/30/23
to OWASP ZAP User Group
This may be unrelated, but I was also getting connection reset when trying to do an Automated Scan on the Juice Shop app. Juice shop by default listens on port 3000, and I had Windows IPHelper reserving this port. Even when I killed this process, so port 3000 was freed up, ZAP was getting connection reset. It was only when I removed the netsh interface according to the helpful post below, and restarted ZAP that I could run the Automated Scan successfully.


In my case, I ran the following command in powershell:

netsh interface portproxy delete v4tov4 listenport=3000 listenaddress=0.0.0.0

 Hope this helps.
Reply all
Reply to author
Forward
0 new messages