Errors running zap_baseline.py script in container
Summary
The baseline script that is running for this container zap-baseline.py -t https://www.example.com
fails when run from inside of the container.
Steps to reproduce
Exec into the container and attempt to run the baseline script on the website of your choosing.
What is the current bug behavior?
We receive an error that Failed to access summary file /home/zap/zap_out.json
. We are able to touch the file, but then encounter an issue with the python script.
What is the expected correct behavior?
The expected correct behavior is that the penetration testing should take place once the script is run. The scan runs properly.
Relevant logs and/or screenshots
zap@9c2cd4d24766:/zap$ ls
CHANGELOG.md container lang license scripts xml zap-api-scan.py zap-full-scan.py zap-x.sh zap.ico zap_common.py
README db lib plugin webswing zap-2.11.1.jar zap-baseline.py zap-webswing.sh zap.bat zap.sh
zap@9c2cd4d24766:/zap$ ./zap-baseline.py -t https://www.google.com
2022-07-05 17:09:41,898 Could not find custom hooks file at /home/zap/.zap_hooks.py
Using the Automation Framework
2022-07-05 17:09:48,080 Failed to access summary file /home/zap/zap_out.json
After we touch the zap_out.json file...
zap@9c2cd4d24766:/zap$ touch /home/zap/zap_out.json
zap@9c2cd4d24766:/zap$ ./zap-baseline.py -t https://www.google.com
2022-07-05 17:12:23,895 Could not find custom hooks file at /home/zap/.zap_hooks.py
Using the Automation Framework
Traceback (most recent call last):
File "./zap-baseline.py", line 656, in <module>
main(sys.argv[1:])
File "./zap-baseline.py", line 440, in main
summary_data = json.load(f)
File "/usr/local/lib/python3.8/json/__init__.py", line 293, in load
return loads(fp.read(),
File "/usr/local/lib/python3.8/json/__init__.py", line 357, in loads
return _default_decoder.decode(s)
File "/usr/local/lib/python3.8/json/decoder.py", line 337, in decode
obj, end = self.raw_decode(s, idx=_w(s, 0).end())
File "/usr/local/lib/python3.8/json/decoder.py", line 355, in raw_decode
raise JSONDecodeError("Expecting value", s, err.value) from None
json.decoder.JSONDecodeError: Expecting value: line 1 column 1 (char 0)
Possible fixes
(If you can, link to the line of code that might be responsible for the problem)
Tasks
-
Bug has been identified and corrected within the container