search

andrewdouglas / CodeMash2023-AppSec

CodeMash 2023 - resources for Automating Almost All Application Security Things with CI/CD -- Even Honeypots!
13 stars 3 forks source link

Issue running zap-baseline.py: "Failed to access summary file" #6

Open iggyvolz opened 1 year ago

iggyvolz commented 1 year ago

On my system, I was not able to run zap-baseline.py during the lab today.

Reproduce case: Terminal 1:

$ docker run --rm -p 3000:3000 bkimminich/juice-shop:v14.3.1
# snip

Terminal 2:

$ docker run --rm -t --network host owasp/zap2docker-stable:2.12.0 zap-baseline.py -t http://localhost:3000
Using the Automation Framework
2023-01-10 20:26:51,936 Failed to access summary file /home/zap/zap_out.json

OS/Hardware: Steam Deck running stock Arch Linux Kernel: Linux 6.1.4-arch1-1 (originally detected with Linux Hardened) SELinux not installed

iggyvolz commented 1 year ago

Creating the /home/zap/zap_out.json file produces different errors, as if it is trying to read that file.

iggyvolz commented 1 year ago

Running without --network host produces:

$ docker run --rm -t owasp/zap2docker-stable:2.12.0 zap-baseline.py -t http://localhost:3000
Using the Automation Framework
Automation plan failures:
        Job spider failed to access URL http://localhost:3000 : Connect to http://localhost:3000 [localhost/127.0.0.1] failed: Connection refused (Connection refused)
2023-01-10 20:30:58,196 Failed to access summary file /home/zap/zap_out.json
iggyvolz commented 1 year ago

https://xkcd.com/349/: success