ZAP-CLI doesn't start

449 views
Skip to first unread message

FaPa

unread,
Aug 25, 2021, 5:43:48 AM8/25/21
to OWASP ZAP User Group

Hello,

I am trying to start ZAP-cli with the following command: zap-cli start.
I get the following error

[INFO]            Starting ZAP daemon
[DEBUG]           Starting ZAP process with command: C:\Program Files\OWASP\Zed Attack Proxy\zap.bat -daemon -port 8090.
[DEBUG]           Logging to c:\tmp\zap.log
[ERROR]           Timed out waiting for ZAP to start.

My log file contains these lines at the end:

6574 [ZAP-daemon] INFO  org.zaproxy.zap.DaemonBootstrap - ZAP is now listening on localhost:8090
Parsing message body failed: Invalid JSON: <json>:1:0 Expected json literal but found  
   Ó=¹8¢¢?ªý62 f?h?   ¦ËðÈ          ¬ à       > A      
          ??òÉï^   3183ce526e809df7b5c4e83348e99ebc  
^
Parsing message body failed: Invalid JSON: <json>:1:0 Expected json literal but found  
   Ó=¹8¢¢?ªý62 f?h?   ¦ËðÈ          ¬ à       > A      
          ??òÉï^   3183ce526e809df7b5c4e83348e99ebc  

 

I have configured the following values ​​as an environment variable:

ZAP_LOG_PATH : c:\tmp
ZAP_PATH :  C:\Program Files\OWASP\Zed Attack Proxy\
ZAP_PORT : 8090
ZAP_URL :  localhost

I disabled API key in Zap Owasp

The session that has been created is locked as if Zap was still running.

Do you have an idea ?
Thanks in advance.

Simon Bennetts

unread,
Aug 25, 2021, 5:46:06 AM8/25/21
to OWASP ZAP User Group
Try deleting the lock file and/or all of the session files?
FYI the zap-cli is a third party project and not supported by the ZAP core team.

Cheers,

Simon

FaPa

unread,
Aug 25, 2021, 5:53:36 AM8/25/21
to OWASP ZAP User Group
Thank you for your answer.
Yes I deleted the locked files then restart my computer

FaPa

unread,
Sep 1, 2021, 10:32:14 AM9/1/21
to OWASP ZAP User Group
I still haven't solved my problem. It's very strange. Do you know who could help me out on this subject?

binar...@gmail.com

unread,
Oct 13, 2021, 1:23:34 AM10/13/21
to OWASP ZAP User Group

Same sort of errors visible in the log with the Zap API. Desktop and API seems to be doing what it's supposed to, but the API does seem to be dropping responses intermittently which can be disasterous without retries. Running 2.10.0.

Parsing message body failed: Invalid JSON: <json>:1:0 Expected json literal but found I
Input.Email={%username%}&Input.Password={%password%}
^
52994 [ZAP-ProxyThread-71] WARN  org.zaproxy.zap.extension.api.API - Bad request to API endpoint [/JSON/authentication/action/setLoggedOutIndicator/] from [172.25.0.120]:
org.zaproxy.zap.extension.api.ApiException: missing_parameter
at org.zaproxy.zap.extension.api.API.validateMandatoryParams(API.java:632) [zap-2.10.0.jar:2.10.0]
at org.zaproxy.zap.extension.api.API.handleApiRequest(API.java:503) [zap-2.10.0.jar:2.10.0]
at org.parosproxy.paros.core.proxy.ProxyThread.processHttp(ProxyThread.java:497) [zap-2.10.0.jar:2.10.0]
at org.parosproxy.paros.core.proxy.ProxyThread.run(ProxyThread.java:333) [zap-2.10.0.jar:2.10.0]
at java.lang.Thread.run(Thread.java:834) [?:?]

Parsing message body failed: Invalid JSON: <json>:1:0 Expected json literal but found I
Input.Id=0&Input.EhrId=PurpleOrgEhrID&Input.Name=PurpleOrg&Input.PayerId=0&Input.EnableCML=false&__RequestVerificationToken=
^
74807 [ZAP-ProxyThread-145] INFO  org.parosproxy.paros.core.scanner.Scanner - scanner started

Thanks.
Reply all
Reply to author
Forward
0 new messages