1 year ago
#219957
thomas
I'd like to scan the metasploitable2 VM with zap api scan (the docker one) using a context file but it seems the authentication doesn't work
I am working on scan automation and trying it on the metasploitable2 VM using the following command:
docker container run --rm -v $(pwd):/zap/wrk --name container01 owasp/zap2docker-stable:latest zap-api-scan.py -g gen.conf -t http://192.168.56.104/ -f openapi -d -n fContext.context -U admin -r reporAdmin-test.html
My context file contains the following info:
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<configuration>
<context>
<name>Default context</name>
<desc/>
<inscope>true</inscope>
<incregexes>http://192.168.56.104/</incregexes>
<tech>
....
<authentication>
<type>2</type>
<strategy>EACH_RESP</strategy>
<pollurl/>
<polldata/>
<pollheaders/>
<pollfreq>60</pollfreq>
<pollunits>REQUESTS</pollunits>
<loggedout>Login failed</loggedout>
<form>
<loginurl>http://192.168.56.104/dvwa/</loginurl>
<loginbody>username={%username%}&password={%password%}</loginbody>
<loginpageurl>http://192.168.56.104/dvwa/login.php</loginpageurl>
</form>
</authentication>
<users>
<user>2;true;YWRtaW4=;2;YWRtaW4=~cGFzc3dvcmQ=~</user>
<user>3;true;dXNlcg==;2;dXNlcg==~dXNlcg==~</user>
<user>4;true;dXNlcnA=;2;dXNlcg==~cGFzc3dvcmQ=~</user>
</users>
<forceduser>2</forceduser>
The context file has been generated via the UI of zap.
There's the right user and password set (admin & password) for the page http://192.168.56.104/dvwa/login.php and in the command I specify that I want to use the user admin.
I get the following report: (summary screenshot). I get the same without using the -U admin parameter, so I guess I missed something about authentication, but I can't figure out what it is.
The problem is that I have a small report, not including all the pages of dvwa (SQL injection pages, XSS vulnerable pages, etc.). The following pages should also be scanned
Thanks for your help!
docker
api
authentication
zap
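A pre-flight check for a context file like the one in the question, as an added example that is not part of the original post or of ZAP: it decodes the `<user>` entries and flags mismatches between the `-U` value, `<forceduser>` and the form URLs before a scan is started. The entry layout (`id;enabled;base64 name;auth type;base64 username~base64 password~`) is an assumption read off the entries above, the sample XML is a constructed, well-formed cut-down of the posted context, and `parse_user` and `check_context` are hypothetical helper names.

```python
import base64
import xml.etree.ElementTree as ET

# Constructed sample: a well-formed cut-down of the context shown in the post.
CONTEXT_XML = """<configuration><context>
<authentication><type>2</type>
<form>
<loginurl>http://192.168.56.104/dvwa/</loginurl>
<loginbody>username={%username%}&amp;password={%password%}</loginbody>
<loginpageurl>http://192.168.56.104/dvwa/login.php</loginpageurl>
</form></authentication>
<users>
<user>2;true;YWRtaW4=;2;YWRtaW4=~cGFzc3dvcmQ=~</user>
<user>4;true;dXNlcnA=;2;dXNlcg==~cGFzc3dvcmQ=~</user>
</users>
<forceduser>2</forceduser>
</context></configuration>"""

def parse_user(entry):
    # Assumed layout: id;enabled;b64(name);auth type;b64(username)~b64(password)~
    uid, enabled, name, auth_type, creds = entry.strip().split(";", 4)
    dec = lambda s: base64.b64decode(s).decode("utf-8")
    return {"id": int(uid), "enabled": enabled == "true", "name": dec(name),
            "auth_type": int(auth_type), "login": dec(creds.split("~")[0])}

def check_context(xml_text, scan_user):
    """Return (users, findings) for the given -U value; passwords are not decoded."""
    ctx = ET.fromstring(xml_text).find("context")
    users = [parse_user(u.text) for u in ctx.iter("user")]
    findings = []
    match = [u for u in users if u["name"] == scan_user]
    if not match:
        findings.append(f"-U {scan_user!r} is not a user name in the context")
    elif not match[0]["enabled"]:
        findings.append(f"user {scan_user!r} is disabled")
    forced = ctx.findtext("forceduser")
    if forced and int(forced) not in {u["id"] for u in users}:
        findings.append(f"forceduser {forced} has no matching <user>")
    form = ctx.find("authentication/form")
    if form.findtext("loginurl") != form.findtext("loginpageurl"):
        findings.append("loginurl and loginpageurl differ; confirm the form's POST target")
    for u in users:
        if u["name"] != u["login"]:
            findings.append(f"user name {u['name']!r} logs in as {u['login']!r}")
    return users, findings

if __name__ == "__main__":
    print(check_context(CONTEXT_XML, "admin")[1])
```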
0 Answers