2021-08-27 09:37 zapclient INFO : :: Configuring ZAP Instance with {'http': 'http://localhost:8080', 'https': 'http://localhost:8080'}
2021-08-27 09:37 zapclient INFO : :: Starting SCB ZAP Automation Framework with config /home/securecodebox/configs/
2021-08-27 09:37 ZapClient INFO : Importing YAML files for ZAP configuration at dir: '['/home/securecodebox/configs/1-zap-advanced-scantype.yaml', '/home/securecodebox/configs/2-zap-advanced-scan.yaml']'
2021-08-27 09:37 zapclient INFO : :: Starting SCB ZAP Scan with target http://juice-shop.juiceshop.svc:3000/
2021-08-27 09:37 ZapClient INFO : Configuring ZAP Global
2021-08-27 09:37 ZapConfigureSettings INFO : Creating a new ZAP session with the name: secureCodeBox
2021-08-27 09:37 ZapClient INFO : Configuring ZAP Context
2021-08-27 09:37 ZapConfigureContext INFO : Existing Contexts will be removed: ['Default Context']
2021-08-27 09:37 ZapConfigureContext INFO : Configuring a new ZAP Context with name: scb-juiceshop-context
2021-08-27 09:37 ZapConfigureContextAuthentication INFO : HTTP ZAP HTTP JSON Params: 'loginUrl=http://juice-shop.juiceshop.svc:3000/rest/user/login&loginRequestData={"email":"[email protected]","password":"admin123"}'
2021-08-27 09:37 ZapConfigureContext INFO : Existing Users will be removed before adding new ones.
2021-08-27 09:37 ZapConfigureContext INFO : Configuring the ZAP session management (type=scriptBasedSessionManagement)
2021-08-27 09:37 ZapClient INFO : Loading new Script 'juiceshop-session-management.js' at '/home/zap/.ZAP_D/scripts/scripts/session/juiceshop-session-management.js' with type: 'session' and engine 'Oracle Nashorn'
2021-08-27 09:37 ZapClient ERROR : The script couldn't be loaded due to errors!
2021-08-27 09:37 zapclient ERROR : Unexpected error: The script couldn't be loaded due to errors!
Traceback (most recent call last):
File "/zap-client/zapclient/__main__.py", line 64, in process
zap_automation.scan_target(target=args.target)
File "/zap-client/zapclient/zap_automation.py", line 84, in scan_target
zap_context.configure_contexts()
File "/zap-client/zapclient/context/zap_context.py", line 64, in configure_contexts
self._configure_context(context)
File "/zap-client/zapclient/context/zap_context.py", line 97, in _configure_context
self._configure_context_session_management(sessions_config=context["session"], context_id=context_id)
File "/zap-client/zapclient/context/zap_context.py", line 229, in _configure_context_session_management
self._configure_context_session_management_scriptbased(script_config=script_config, context_id=context_id)
File "/zap-client/zapclient/context/zap_context.py", line 245, in _configure_context_session_management_scriptbased
self._configure_load_script(script_config=script_config, script_type="session")
File "/zap-client/zapclient/zap_abstract_client.py", line 115, in _configure_load_script
self.check_zap_result(
File "/zap-client/zapclient/zap_abstract_client.py", line 71, in check_zap_result
raise Exception(exception_message)
Exception: The script couldn't be loaded due to errors!
2021-08-27 09:37 ZapClient INFO : :: Show all Statistics
2021-08-27 09:37 ZapClient INFO : []
2021-08-27 09:37 ZapClient INFO : :: Shutting down the running ZAP Instance.
🐞 Bug report
Describe the bug
Steps To Reproduce
kubectl create namespace juiceshophelm upgrade --install juice-shop secureCodeBox/juice-shop -n juiceshophelm upgrade --install zap-advanced secureCodeBox/zap-advanced -n juiceshopExpected behavior
The scanner should not fail and generate the findings.
System
Screenshots / Logs
ZAP logs