Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Orange address bar after using OWASP ZAP

more options

After using OWASP ZAProxy for the first time, the address bar is now orange and striped and there is a picture of a robot next to the padlock (see attached screenshot). I believe this is because ZAP uses selenium to control the browser, but for some reason it will not go back to normal.

I am on Linux Mint and am using Firefox 76.0

I have tried:

  • Restarting Firefox
  • Restarting my computer
  • Resetting Firefox
  • Running `firefox --new-instance --ProfileManager`
  • Uninstalling and reinstalling Firefox
  • Deleting all Firefox files and reinstalling
  • Rewinding my entire computer using Timeshift

So far, nothing has worked.

After using OWASP ZAProxy for the first time, the address bar is now orange and striped and there is a picture of a robot next to the padlock (see attached screenshot). I believe this is because ZAP uses selenium to control the browser, but for some reason it will not go back to normal. I am on Linux Mint and am using Firefox 76.0 I have tried: * Restarting Firefox * Restarting my computer * Resetting Firefox * Running `firefox --new-instance --ProfileManager` * Uninstalling and reinstalling Firefox * Deleting all Firefox files and reinstalling * Rewinding my entire computer using Timeshift So far, nothing has worked.
Attached screenshots

All Replies (2)

more options

hello,

The OWASP Zed Attack Proxy (ZAP) is one of the world’s most popular web application security testing tools. It is made available for free as an open source project, and is contributed to and maintained by OWASP. The Open Web Application Security Project (OWASP) is a vendor-neutral, non-profit group of volunteers dedicated to making web applications more secure. The OWASP ZAP tool can be used during web application development by web developers or by experienced security experts during penetration tests to assess web applications for vulnerabilities.

OWASP ZAP Overview The OWASP Zed Attack Proxy is a Java-based tool that comes with an intuitive graphical interface, allowing web application security testers to perform fuzzing, scripting, spidering, and proxying in order to attack web apps. Being a Java tool means that it can be made to run on most operating systems that support Java. ZAP can be found by default within the Kali Linux Penetration Testing Operating System, or it can be download from here and run on OSs that have Java installed. The OWASP ZAP proxy borrows heavily in GUI appearance from the Paros Proxy Lightweight Web Application security testing tool. Kindly see this article for a detailed look at the Paros Proxy tool.

Launching the OWASP Zed Attack Proxy OWASP ZAP is found by default within the latest Kali Linux 2.0 Penetration Testing Linux distribution. It can be launched by navigating to the “Applications” menu and selecting the “Web Application Assessment” option. A list will appear showing the different tools used for web app security testing. Here we click on the OWASP ZAP tool and wait for it to launch. This can be seen below:


I am on Linux Mint and am using Firefox 76.0

I have tried:

   Restarting Firefox
   Restarting my computer
   Resetting Firefox
   Running `firefox --new-instance --ProfileManager`
   Uninstalling and reinstalling Firefox
   Deleting all Firefox files and reinstalling
   Rewinding my entire computer using Timeshift 

So far, nothing has worked.

more options

I'm using ZAP 2.6, Standard mode. I have white-listed all the parameter inputs. Running Active Scan, I get a SQL Injection Alert that I just cannot understand: When GETing the original page https://localhost:8443/rcrainfoweb/action/modules/br/interstateshiprecv/search , I get my standard error page, a blank html page, as expected. This page requires another missing parameter in order to run and return data. When GETing the page using the attack "query OR 1=1 -- " that is described in "Other Info" as: "The page results were successfully manipulated using the boolean conditions [query AND 1=1 -- ] and [query OR 1=1 -- ] The parameter value being modified was NOT stripped from the HTML output for the purposes of the comparison Data was NOT returned for the original parameter. The vulnerability was detected by successfully retrieving more data than originally returned, by manipulating the parameter" The origianal URL and both of the URL copied from the alert (Attack 1 below) and the secondary attack (Attack 2 below) yield the exact same standard error page, as expected. There is no difference between all three of the html error pages returned. See the attached html error page here => OR 1=1.txt Attack 1: https://localhost:8443/rcrainfoweb/action/modules/br/interstateshiprecv/search?query=query+AND+1%3D1+--+ Attack 2: https://localhost:8443/rcrainfoweb/action/modules/br/interstateshiprecv/search?query=query+OR+1%3D1+--+