I am running a ZAP Docker full scan on my target host. However, while debugging I found that I had missed providing login information for my web application, which is also the target host. The steps are as below:
- When the web application is launched, it does not land on the login page; instead it lands on pages for setting up the application, installation details, etc. Once we provide all the details and then set up a questionnaire, the application lands on the login page.
- Initially I was running the Jenkins stage below:
sh 'docker run -v /<Jenkins Path>/Reports:/zap/wrk/:rw -t docker.io/owasp/zap2docker-stable zap-full-scan.py -t https://<host>:<IP>/ -g gen.conf -r testreport.html'
With the above command, ZAP used to scan up to https://://login and then wrap up the scanning.
- Then, when I started exploring more about logging ZAP in to the web application and performing the scan, I came across
https://github.com/ICTU/zap-baseline
and no other form-based authentication solution for ZAP Docker on the stable build. I also got the error below when I ran the command:
docker run --rm -v /<Path>/Reports:/zap/wrk/:rw -t ictu/zap2docker-weekly zap-full-scan.py -I -j -m 10 -T 60 -t https://<host>:<port>-r testreport.html --hook=/zap/auth_hook.py -z "auth.loginurl=https://<ip>:<port>/<page>/login auth.username="abc" auth.password="abc123" auth.username_field="j_username" auth.password_field="j_password" auth.submit_field="j_submit""'
Error
14593 [ZAP-daemon] INFO org.zaproxy.zap.extension.dynssl.ExtensionDynSSL - Creating new root CA certificate
16732 [ZAP-daemon] INFO org.zaproxy.zap.extension.dynssl.ExtensionDynSSL - New root CA certificate created
16737 [ZAP-daemon] ERROR org.zaproxy.zap.DaemonBootstrap - File not found 'auth.loginurl=https://<host>:<port>/<module>/login'
java.lang.Exception: File not found 'auth.loginurl=https://<host>:<port>/<module>/login'
at org.parosproxy.paros.CommandLine.parse(CommandLine.java:304) ~[zap-D-2021-02-01.jar:D-2021-02-01]
at org.parosproxy.paros.extension.ExtensionLoader.hookCommandLineListener(ExtensionLoader.java:1049) ~[zap-D-2021-02-01.jar:D-2021-02-01]
at org.zaproxy.zap.DaemonBootstrap$1.run(DaemonBootstrap.java:85) [zap-D-2021-02-01.jar:D-2021-02-01]
at java.lang.Thread.run(Thread.java:834) [?:?]
16751 [ZAP-daemon] INFO org.zaproxy.zap.DaemonBootstrap - ZAP is now listening on 0.0.0.0:54624
56762 [ZAP-ProxyThread-11] INFO org.zaproxy.zap.extension.httpsessions.HttpSessionsSite - Setting new active session for site '<IP>:<PORT>': HttpSession [name=auth-session, active=false, tokenValues='']
56807 [ZAP-ProxyThread-13] INFO org.zaproxy.zap.extension.httpsessions.HttpSessionsSite - Setting new active session for site '<IP>:<PORT>': HttpSession [name=auth-session, active=true, tokenValues='JSESSIONID=<sessionid>']
67128 [ZAP-SpiderInitThread-0] INFO org.zaproxy.zap.extension.spider.SpiderThread - Starting spidering scan on Context: ctx-zap-docker at Wed Feb 17 16:56:10 UTC 2021
67134 [ZAP-SpiderInitThread-0] INFO org.zaproxy.zap.spider.Spider - Spider initializing...
67212 [ZAP-SpiderInitThread-0] INFO org.zaproxy.zap.spider.Spider - Starting spider...
72093 [ZAP-PassiveScanner] INFO org.zaproxy.zap.extension.pscan.PassiveScanThread - Disabling passive scanner Absence of Anti-CSRF Tokens as it has raised more than 10 alerts.
Is there any other way to perform a full scan with login or form-based authentication in ZAP Docker instead of a headerless scan? Also, regarding point #1: how can I perform all the initial setup and land on the login page? Or how can I bypass the initial setup and land directly on the login page? However, unless you complete the initial setup page, the login page does not get enabled, or you cannot jump to /login/.
Also, I got the error below:
660506 [Thread-10] INFO org.parosproxy.paros.core.scanner.HostProcess - Scanning 541 node(s) from https://<ip>:<port>
660508 [Thread-10] INFO org.parosproxy.paros.core.scanner.HostProcess - start host https://<ip>:<port> | PathTraversalScanRule strength LOW threshold MEDIUM
#
# A fatal error has been detected by the Java Runtime Environment:
#
# SIGBUS (0x7) at pc=0x00007fd5508d72b5, pid=9, tid=2998
#
# JRE version: OpenJDK Runtime Environment (11.0.9.1+1) (build 11.0.9.1+1-Ubuntu-0ubuntu1.20.04)
# Java VM: OpenJDK 64-Bit Server VM (11.0.9.1+1-Ubuntu-0ubuntu1.20.04, mixed mode, sharing, tiered, compressed oops, g1 gc, linux-amd64)
# Problematic frame:
# v ~StubRoutines::jlong_disjoint_arraycopy
#
# Core dump will be written. Default location: Core dumps may be processed with "/usr/share/apport/apport %p %s %c %d %P %E" (or dumping to /zap/core.9)
#
# An error report file with more information is saved as:
# /zap/hs_err_pid9.log
#
# If you would like to submit a bug report, please visit:
# https://bugs.launchpad.net/ubuntu/+source/openjdk-lts
#
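An added example, not part of the original question and not ZAP or ICTU code: a Python check over ZAP daemon log lines in the format shown above that lists ERROR entries and reports whether an HTTP session was active with a session token before the spider started, which is the quickest way to tell an authenticated scan from an unauthenticated one in CI output. The function names are hypothetical, the sample log is constructed with placeholder host and session values, and the `;` separator between token values is an assumption.

```python
import re

# Constructed sample in the log format shown above (placeholder host/session values).
SAMPLE_LOG = """\
16737 [ZAP-daemon] ERROR org.zaproxy.zap.DaemonBootstrap - File not found 'auth.loginurl=https://app.example:8443/module/login'
16751 [ZAP-daemon] INFO org.zaproxy.zap.DaemonBootstrap - ZAP is now listening on 0.0.0.0:54624
56762 [ZAP-ProxyThread-11] INFO org.zaproxy.zap.extension.httpsessions.HttpSessionsSite - Setting new active session for site 'app.example:8443': HttpSession [name=auth-session, active=false, tokenValues='']
56807 [ZAP-ProxyThread-13] INFO org.zaproxy.zap.extension.httpsessions.HttpSessionsSite - Setting new active session for site 'app.example:8443': HttpSession [name=auth-session, active=true, tokenValues='JSESSIONID=CONSTRUCTED']
67212 [ZAP-SpiderInitThread-0] INFO org.zaproxy.zap.spider.Spider - Starting spider...
"""

LINE_RE = re.compile(r"^(\d+) \[([^\]]+)\] (\w+) (\S+) - (.*)$")
SESSION_RE = re.compile(
    r"HttpSession \[name=([^,]+), active=(true|false), tokenValues='([^']*)'\]")


def triage_zap_log(text):
    """Collect ERROR lines and the last session state seen before the spider starts."""
    result = {"errors": [], "session_before_spider": None, "spider_started_ms": None}
    last_session = None
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # stack-trace frames and JVM crash banners are skipped
        ms, _thread, level, logger, msg = m.groups()
        if level == "ERROR":
            result["errors"].append((int(ms), logger.rsplit(".", 1)[-1], msg))
        s = SESSION_RE.search(msg)
        if s:
            name, active, tokens = s.groups()
            # Keep token names only, never the secret values (';' separator assumed).
            names = [t.strip().split("=", 1)[0] for t in tokens.split(";") if t.strip()]
            last_session = {"name": name, "active": active == "true", "tokens": names}
        if msg.startswith("Starting spider") and result["spider_started_ms"] is None:
            result["spider_started_ms"] = int(ms)
            result["session_before_spider"] = last_session
    return result


def authenticated_before_spider(result):
    """True only if an active session carrying at least one token preceded the spider."""
    s = result["session_before_spider"]
    return bool(s and s["active"] and s["tokens"])


if __name__ == "__main__":
    r = triage_zap_log(SAMPLE_LOG)
    for ms, src, msg in r["errors"]:
        print(f"ERROR at {ms} ms from {src}: {msg}")
    print("authenticated before spider:", authenticated_before_spider(r))
```

An active session with a token only shows that a login response set a cookie; confirming that the spider reached pages behind the login still requires checking the scanned URLs in the report.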