Results 1 to 2 of 2

Thread: Zed Attack Proxy Issue

  1. #1
    Just burned his ISO
    Join Date
    Oct 2011
    Posts
    1

    Default Zed Attack Proxy Issue

    Good day, all.

    I have been testing ZAP on the Moth VM (from Bonsai Information Security). I first start using the spider, then I do an active scan. No problem so far. But, when I try to save a report, either in html or in xml, I run into issues. ZAP looks like it is saving the file, then it tries to open it in Firefox. However I get a "file not found error" error. I go look in the directory where the report is supposed to have been generated and the file is not there. As I am running as root, I know it is not an access rights issue. I am also aware that version 1.3.2 has an issue with saving file names without the extension, although it was corrected in version 1.3.3. I have tried to save with the file extension, but to no avail. I have even tried the windows version of ZAP 1.3.3, but no joy. I have a feeling that I am missing something very basic (for which I will probably kick myself over) but I can't seem to put my finger on it.

    Any help on this would be appreciated.

  2. #2
    Just burned his ISO
    Join Date
    Sep 2010
    Posts
    11

    Default Re: Zed Attack Proxy Issue

    Quote Originally Posted by StephMeister View Post
    Good day, all.

    I have been testing ZAP on the Moth VM (from Bonsai Information Security). I first start using the spider, then I do an active scan. No problem so far. But, when I try to save a report, either in html or in xml, I run into issues. ZAP looks like it is saving the file, then it tries to open it in Firefox. However I get a "file not found error" error. I go look in the directory where the report is supposed to have been generated and the file is not there. As I am running as root, I know it is not an access rights issue. I am also aware that version 1.3.2 has an issue with saving file names without the extension, although it was corrected in version 1.3.3. I have tried to save with the file extension, but to no avail. I have even tried the windows version of ZAP 1.3.3, but no joy. I have a feeling that I am missing something very basic (for which I will probably kick myself over) but I can't seem to put my finger on it.

    Any help on this would be appreciated.
    Can you have a look in the ZAP log to see if any errors are generated?
    On Windows this will be under your user directory in OWASP ZAP/zap.log
    On Linux it will be in ~/.ZAP/zap.log

    As you spotted there was a problem with reports on Linux in 1.3.2 but that should be fixed in 1.3.3

    btw I only spotted this thanks to a Google alert.
    If you report this as a ZAP issue (Issues - zaproxy - OWASP ZAP: An easy to use integrated penetration testing tool for finding vulnerabilities in web applications. - Google Project Hosting) or on the dev mailing list (https://groups.google.com/forum/#!forum/zaproxy-develop) then you'll get quicker responses

    Many thanks,

    Psiinon

Similar Threads

  1. OWASP Zed Attack Proxy version 1.3.0
    By psiinon in forum BackTrack 5 Tool Requests (NOW CLOSED) Please see sticky
    Replies: 1
    Last Post: 07-06-2011, 06:33 AM
  2. Zed Attack Proxy (ZAP)
    By psiinon in forum Tool Requests
    Replies: 14
    Last Post: 01-28-2011, 05:33 AM
  3. Proxy ARP an issue?
    By nightlybuild in forum Experts Forum
    Replies: 3
    Last Post: 03-06-2010, 01:33 AM
  4. Airodump-ng Issue + Aireplay-ng Issue
    By whiteice in forum OLD Newbie Area
    Replies: 1
    Last Post: 11-05-2008, 05:47 AM
  5. RT73 fragmentation attack issue
    By imported_johnjohnsp1 in forum OLD Wireless
    Replies: 1
    Last Post: 04-19-2008, 03:48 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •