import time from pprint import pprint from zapv2 import ZAPv2 target = 'http://127.0.0.1' apikey = 'changeme' # Change to match the API key set in ZAP, or use None if the API key is disabled # By default ZAP API client will connect to port 8080 zap = ZAPv2(apikey=apikey) # Use the line below if ZAP is not listening on port 8080, for example, if listening on port 8090 # zap = ZAPv2(apikey=apikey, proxies={'http': 'http://127.0.0.1:8090', 'https': 'http://127.0.0.1:8090'}) # do stuff print 'Accessing target %s' % target # try have a unique enough session... zap.urlopen(target) # Give the sites tree a chance to get updated time.sleep(2) print 'Spidering target %s' % target scanid = zap.spider.scan(target) # Give the Spider a chance to start time.sleep(2) while (int(zap.spider.status(scanid)) < 100): print 'Spider progress %: ' + zap.spider.status(scanid) time.sleep(2) print 'Spider completed' # Give the passive scanner a chance to finish time.sleep(5) print 'Scanning target %s' % target scanid = zap.ascan.scan(target) while (int(zap.ascan.status(scanid)) < 100): print 'Scan progress %: ' + zap.ascan.status(scanid) time.sleep(5) print 'Scan completed' # Report the results print 'Hosts: ' + ', '.join(zap.core.hosts) print 'Alerts: ' pprint (zap.core.alerts())
出现python调 http://zap/JSON/ 超时的问题时的处理方法
We can now close this issue.
How we start ZAP:
zap-x.sh -daemon -port "80" -config "api.disablekey=true" -config "api.addrs.addr.name=.*" -config "api.addrs.addr.regex=true" &
How we solved the problem:
- Set the system HTTP proxy to ZAP
ENV http_proxy http://127.0.0.1:80
- Reuse chromedriver / geckodriver
ENV PATH $PATH:/root/.ZAP/webdriver/linux/64/
- Set Selenium webdriver's HTTP proxy to ZAP
profile = webdriver.FirefoxProfile()
profile.set_preference('network.proxy.type', 1)
profile.set_preference('network.proxy.http', '127.0.0.1')
profile.set_preference('network.proxy.http_port', 80)
profile.update_preferences()
options = webdriver.FirefoxOptions()
options.add_argument('--headless')
browser = webdriver.Firefox(firefox_profile = profile, firefox_options = options)
- Set Python ZAPv2 proxy to ZAP
proxies = {
'http': 'http://127.0.0.1:80',
'https': 'http://127.0.0.1:80'
}
zap = ZAPv2(proxies = proxies)