使用OWASP ZAP的ZEST脚本身份验证
[英]ZEST script authentication using OWASP ZAP
问题描述
I m trying to understand how to record login using ZEST script. 
我试图了解如何使用ZEST脚本记录登录信息。 Once recording the steps, how to reuse it? 一旦记录了步骤,如何重用它? I tried multiple times but I'm not able to get the right way of doing it. 我尝试了多次,但无法获得正确的方法。
1 个解决方案
解决方案1
0 2018-06-05 07:33:47
You need to 你需要
- Define a context 定义上下文
- Set the Authentication mechanism to scripts 将身份验证机制设置为脚本
- Select your Zest script 选择您的Zest脚本
- Set relevant Logged In/Out Indicators 设置相关的登录/注销指示器
- Add a valid user and password 添加有效的用户名和密码
- Test it all :) 全部测试:)
The following FAQ is for configuring form based auth, but is still mostly relevant for scipts, esp the trouble shooting section: https://github.com/zaproxy/zaproxy/wiki/FAQformauth 以下常见问题解答用于配置基于表单的身份验证,但仍然与密件最相关,尤其是故障排除部分: https : //github.com/zaproxy/zaproxy/wiki/FAQformauth
If you're still having problems then the ZAP User Group is probably a better forum for getting support: https://groups.google.com/group/zaproxy-users 如果您仍然遇到问题,则ZAP用户组可能是获得支持的更好论坛: https : //groups.google.com/group/zaproxy-users
This article may also be of assistance: Scripting Authenticated Login within ZAP Vulnerability Scanner 本文可能也有帮助: ZAP漏洞扫描程序中的脚本验证登录
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.