Connection reset error after updating to 2.8
65 views
Skip to first unread message
rdans
Nov 5, 2019, 11:35:00 AM11/5/19
to OWASP ZAP User Group
Hi. Today I opened up ZAP 2.7 and started an automated scan on a site, which was progressing fine.
At some point i clicked on the check for updates and noticed a new version was available so aborted the scan and updated ZAP. Once 2.8 had finished downloading and installing I tried to start another scan but every time I try now I immediately get an error. I've pasted the error details below. Could someone please help me resolve this. Thanks in advance.
ZAP Error [java.net.SocketException]: Connection reset Stack Trace: java.net.SocketException: Connection reset at java.net.SocketInputStream.read(SocketInputStream.java:210) at java.net.SocketInputStream.read(SocketInputStream.java:141) at sun.security.ssl.InputRecord.readFully(InputRecord.java:465) at sun.security.ssl.InputRecord.read(InputRecord.java:503) at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:973) at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375) at sun.security.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:747) at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:123) at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:82) at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:140) at org.apache.commons.httpclient.HttpConnection.flushRequestOutputStream(HttpConnection.java:860) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.flushRequestOutputStream(MultiThreadedHttpConnectionManager.java:1565) at org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2248) at org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1154) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:462) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:201) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(HttpSender.java:398) at org.parosproxy.paros.network.HttpSender.runMethod(HttpSender.java:633) at org.parosproxy.paros.network.HttpSender.send(HttpSender.java:589) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(HttpSender.java:565) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(HttpSender.java:553) at org.parosproxy.paros.network.HttpSender.sendAndReceive(HttpSender.java:458) at org.parosproxy.paros.network.HttpSender.sendAndReceive(HttpSender.java:428) at org.parosproxy.paros.core.proxy.ProxyThread.processHttp(ProxyThread.java:564) at org.parosproxy.paros.core.proxy.ProxyThread.run(ProxyThread.java:321) at java.lang.Thread.run(Thread.java:748)
Peter Hauschulz
Nov 6, 2019, 2:39:22 AM11/6/19
to OWASP ZAP User Group
what OS and java version are you using?
With ZAP 2.8 running, can you point a browser to it and successfully navigate pages and see traffic populating in ZAP?
thc...@gmail.com
Nov 6, 2019, 5:13:51 AM11/6/19
to zaprox...@googlegroups.com
Hi.
Do you have an outgoing proxy configured in ZAP?
Best regards.
Do you have an outgoing proxy configured in ZAP?
Best regards.
rdans
Nov 6, 2019, 7:36:12 AM11/6/19
to OWASP ZAP User Group
Windows 10 and Java version 8 update 231. I just updated to this Java version now and tried again and I still get the same results as before.
I just tried proxying through ZAP in Edge and yes I managed to navigate to a website and saw the get requests populating in ZAP.
Peter Hauschulz
Nov 6, 2019, 7:51:42 AM11/6/19
to OWASP ZAP User Group
how are you initiating this scan? (also, which type of scan?)
If you pick a proper target in ZAP UI and start that scan (spider, active, etc..) what error pops up? What do you see?
Peter Hauschulz
Nov 6, 2019, 7:54:46 AM11/6/19
to OWASP ZAP User Group
The only error I remember seeing come up due to 2.8 specifically was that the default HUD settings didn't play well with http sites, so one thing you could try is going to Tools/Options/HUD and uncheck 'enable in ZAP desktop' or 'enable in daemon', but I'm not sure your problem description matches that pattern of issues....
Jon Godden
Mar 30, 2023, 4:01:07 AM3/30/23
to OWASP ZAP User Group
This may be unrelated, but I was also getting connection reset when trying to do an Automated Scan on the Juice Shop app. Juice shop by default listens on port 3000, and I had Windows IPHelper reserving this port. Even when I killed this process, so port 3000 was freed up, ZAP was getting connection reset. It was only when I removed the netsh interface according to the helpful post below, and restarted ZAP that I could run the Automated Scan successfully.
In my case, I ran the following command in powershell:
netsh interface portproxy delete v4tov4 listenport=3000 listenaddress=0.0.0.0
Hope this helps.
Reply all
Reply to author
Forward
0 new messages