Started by user anonymous
[CustomTools] - ZAP_2.4.0: Starting installation
[CustomTools] - ZAP_2.4.0: Tool is installed at /var/jenkins_home/tools/com.cloudbees.jenkins.plugins.customtools.CustomTool/ZAP_2.4.0/ZAP_2.4.0
[CustomTools] - ZAP_2.4.0: Setting ZAP_2.4.0_HOME=/var/jenkins_home/tools/com.cloudbees.jenkins.plugins.customtools.CustomTool/ZAP_2.4.0/ZAP_2.4.0
Building in workspace /var/jenkins_home/jobs/test_zap_selenium/workspace
------- START Prebuild -------
zapProgram = /var/jenkins_home/tools/com.cloudbees.jenkins.plugins.customtools.CustomTool/ZAP_2.4.0/ZAP_2.4.0
targetURL = http://192.168.59.103:35001
zapProxyHost = localhost
zapProxyPort = 9080
Start ZAProxy [/var/jenkins_home/tools/com.cloudbees.jenkins.plugins.customtools.CustomTool/ZAP_2.4.0/ZAP_2.4.0/zap.sh]
[ZAP_2.4.0] $ /var/jenkins_home/tools/com.cloudbees.jenkins.plugins.customtools.CustomTool/ZAP_2.4.0/ZAP_2.4.0/zap.sh -daemon -host localhost -port 9080 -dir /var/jenkins_home/tools/com.cloudbees.jenkins.plugins.customtools.CustomTool/ZAP_2.4.0/ZAP_2.4.0
Found Java version 1.8.0_45-internal
Available memory:  2001 MB
Setting jvm heap size: -Xmx512m
OpenJDK 64-Bit Server VM warning: ignoring option PermSize=256M; support was removed in 8.0
0 [main] INFO org.zaproxy.zap.ZAP  - OWASP ZAP 2.4.0 started.
335 [main] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE  - dataFileCache open start
345 [main] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE  - dataFileCache open end
558 [main] INFO org.parosproxy.paros.network.SSLConnector  - Reading supported SSL/TLS protocols...
558 [main] INFO org.parosproxy.paros.network.SSLConnector  - Using a SSLEngine...
689 [main] INFO org.parosproxy.paros.network.SSLConnector  - Done reading supported SSL/TLS protocols: [SSLv2Hello, SSLv3, TLSv1, TLSv1.1, TLSv1.2]
695 [main] INFO org.parosproxy.paros.extension.option.OptionsParamCertificate  - Unsafe SSL renegotiation disabled.
948 [ZAP-daemon] INFO org.zaproxy.zap.control.ExtensionFactory  - Loading extensions
1898 [ZAP-daemon] INFO org.zaproxy.zap.control.ExtensionFactory  - Extensions loaded
2025 [ZAP-daemon] INFO org.parosproxy.paros.extension.filter.FilterFactory  - loaded filter Change user agent to other browsers. 
2025 [ZAP-daemon] INFO org.parosproxy.paros.extension.filter.FilterFactory  - loaded filter Detect insecure or potentially malicious content in HTTP responses.
2025 [ZAP-daemon] INFO org.parosproxy.paros.extension.filter.FilterFactory  - loaded filter Detect and alert 'Set-cookie' attempt in HTTP response for modification.
2025 [ZAP-daemon] INFO org.parosproxy.paros.extension.filter.FilterFactory  - loaded filter Avoid browser cache (strip off IfModifiedSince)
2025 [ZAP-daemon] INFO org.parosproxy.paros.extension.filter.FilterFactory  - loaded filter Log cookies sent by browser.
2025 [ZAP-daemon] INFO org.parosproxy.paros.extension.filter.FilterFactory  - loaded filter Log unique GET queries into file:filter/get.xls
2026 [ZAP-daemon] INFO org.parosproxy.paros.extension.filter.FilterFactory  - loaded filter Log unique POST queries into file:  filter/post.xls
2026 [ZAP-daemon] INFO org.parosproxy.paros.extension.filter.FilterFactory  - loaded filter Log request and response into file: filter/message.txt
2026 [ZAP-daemon] INFO org.parosproxy.paros.extension.filter.FilterFactory  - loaded filter Replace HTTP request body using defined pattern.
2026 [ZAP-daemon] INFO org.parosproxy.paros.extension.filter.FilterFactory  - loaded filter Replace HTTP request header using defined pattern.
2026 [ZAP-daemon] INFO org.parosproxy.paros.extension.filter.FilterFactory  - loaded filter Replace HTTP response body using defined pattern.
2026 [ZAP-daemon] INFO org.parosproxy.paros.extension.filter.FilterFactory  - loaded filter Replace HTTP response header using defined pattern.
2026 [ZAP-daemon] INFO org.parosproxy.paros.extension.filter.FilterFactory  - loaded filter Send ZAP session request ID
2119 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing ExtensionViewOption
2120 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing ExtensionEdit
2120 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing ExtensionFilter
2120 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Provides a rest based API for controlling and accessing ZAP
2146 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing ExtensionState
2146 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing ExtensionHistory
2148 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Show hidden fields and enable disabled fields
2149 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Search messages for strings and regular expressions 
2149 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Encode/Decode/Hash...
2149 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Allows you to intercept and modify requests and responses
2150 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Passive scanner
2187 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Script passive scan rules
2188 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Application Error Disclosure
2188 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Incomplete or No Cache-control and Pragma HTTP Header Set
2188 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Content-Type Header Missing
2188 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Cookie No HttpOnly Flag
2188 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Cookie Without Secure Flag
2189 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Cross-Domain JavaScript Source File Inclusion
2189 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Web Browser XSS Protection Not Enabled
2189 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Secure Pages Include Mixed Content
2189 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Password Autocomplete in Browser
2189 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Private IP Disclosure
2189 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Session ID in URL Rewrite
2189 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: X-Content-Type-Options Header Missing
2189 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: X-Frame-Options Header Not Set
2206 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Allows you to view and manage alerts
2206 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Active scanner, heavily based on the original Paros active scanner, but with additional tests added
2211 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Spider used for automatically finding URIs on a site
2216 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing A set of common popup menus for miscellaneous tasks
2216 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Forced browsing of files and directories using code from the OWASP DirBuster tool
Xlib:  extension "RANDR" missing on display ":99".
2530 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing ExtensionManualRequest
2530 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Allows ZAP to check for updates
2531 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Compares 2 sessions and generates an HTML file showing the differences
2531 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Invoke external applications passing context related information such as URLs and parameters
2531 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Handles anti cross site request forgery (CSRF) tokens
2532 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing ExtensionAuthentication
2921 [ZAP-daemon] INFO org.zaproxy.zap.extension.authentication.ExtensionAuthentication  - Loaded authentication method types: [Form-based Authentication, HTTP/NTLM Authentication, Manual Authentication, Script-based Authentication]
2923 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Creates a dynamic SSL certificate to allow SSL communications to be intercepted without warnings being generated by the browser
2924 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Logs errors to the Output tab in development mode only
2924 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing ExtensionUserManagement
2925 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Summarise and analyse FORM and URL parameters as well as cookies
2925 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Script integration
2927 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Scripting console, supports all JSR 223 scripting languages
2927 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing ExtensionForcedUser
2939 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Extension handling HTTP sessions
2940 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Zest is a specialized scripting language from Mozilla specifically designed to be used in security tools
3282 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing ExtensionDiff
3282 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing ExtensionRequestPostTableView
3282 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Simple browser configuration
3283 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing ExtensionSessionManagement
3378 [ZAP-daemon] INFO org.zaproxy.zap.extension.sessions.ExtensionSessionManagement  - Loaded session management method types: [Cookie-based Session Management, Http Authentication Session Management]
3379 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing ExtensionHttpPanelRequestFormTableView
3379 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Capture messages from WebSockets with the ability to set breakpoints.
3384 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Summarise and analyse FORM and URL parameters as well as cookies
3384 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing ExtensionAuthorization
3384 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing AJAX Spider, uses Crawljax
3386 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Handles adding Global Excluded URLs
3387 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Adds menu item to refresh the Sites tree
3387 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Adds support for configurable keyboard shortcuts for all of the ZAP menus.
3387 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing OWASP ZAP User guide
3387 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing ExtensionReport
3388 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Allows you to configure which extensions are loaded when ZAP starts 
3388 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing ExtensionHttpPanelComponentonentAll
3388 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing ExtensionHttpPanelHexView
3388 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing ExtensionHttpPanelImageView
3388 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing ExtensionHttpPanelLargeRequestView
3388 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing ExtensionHttpPanelLargeResponseView
3388 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing ExtensionHttpPanelRequestQueryCookieTableView
3388 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing ExtensionHttpPanelSyntaxHighlightTextView
3388 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing The Online menu links
3389 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Quick Start panel 
3389 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing ExtensionSaveRawHttpMessage
3389 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Passive Scan Rules
3389 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Translations of the core language files
3389 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Tips and Tricks
3390 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Provides WebDrivers to control several browsers using Selenium and includes HtmlUnit browser.
3390 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Active Scan Rules
3390 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing The ZAP Getting Started Guide
3390 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Provides the foundation for concrete message types (for example, HTTP, WebSockets) expose fuzzer implementations.
3391 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Allows to fuzz HTTP messages.
3392 [Thread-5] INFO org.zaproxy.zap.extension.dynssl.ExtensionDynSSL  - Creating new root CA
------- END Prebuild -------
 java -jar /usr/lib/selenium/selenium-server.jar -Dhttp.proxyHost=127.0.0.1 -Dhttp.proxyPort=9080 -htmlSuite *firefox http://192.168.59.103:35001 /var/jenkins_home/jobs/test_zap_selenium/workspace/set_suite.html /var/jenkins_home/jobs/test_zap_selenium/workspace/testresult.html
[workspace] $ java -jar /usr/lib/selenium/selenium-server.jar -Dhttp.proxyHost=127.0.0.1 -Dhttp.proxyPort=9080 -htmlSuite *firefox http://192.168.59.103:35001 /var/jenkins_home/jobs/test_zap_selenium/workspace/set_suite.html /var/jenkins_home/jobs/test_zap_selenium/workspace/testresult.html
08:21:49.532 INFO - Launching a standalone Selenium Server
Setting system property http.proxyHost to 127.0.0.1
Setting system property http.proxyPort to 9080
08:21:49.572 INFO - Java: Oracle Corporation 25.45-b02
08:21:49.572 INFO - OS: Linux 4.0.5-boot2docker amd64
08:21:49.583 INFO - v2.46.0, with Core v2.46.0. Built from revision 87c69e2
08:21:49.643 INFO - Driver provider org.openqa.selenium.ie.InternetExplorerDriver registration is skipped:
registration capabilities Capabilities [{ensureCleanSession=true, browserName=internet explorer, version=, platform=WINDOWS}] does not match the current platform LINUX
08:21:49.643 INFO - Driver class not found: com.opera.core.systems.OperaDriver
08:21:49.643 INFO - Driver provider com.opera.core.systems.OperaDriver is not registered
08:23:35.897 WARN - Caution: '/usr/bin/firefox': file is a script file, not a real executable.  The browser environment is no longer fully under RC control
jar:file:/usr/lib/selenium/selenium-server-standalone-2.46.0.jar!/customProfileDirCUSTFFCHROME
08:23:36.000 INFO - Preparing Firefox profile...
08:23:37.008 INFO - Launching Firefox...
114340 [ZAP-ProxyThread-3] INFO org.zaproxy.zap.extension.httpsessions.ExtensionHttpSessions  - Added new session token for site '192.168.59.103:35001': PHPSESSID
114342 [ZAP-ProxyThread-3] INFO org.zaproxy.zap.extension.httpsessions.HttpSessionsSite  - Created a new session as no match was found: HttpSession [name=Session 0, active=false, tokenValues='']
08:23:39.743 INFO - Received posted results
sel_test.html
<a href="sel_test.html">sel_test</a></td></tr>
</tbody></table>




08:23:40.012 INFO - Killing Firefox...
08:23:40.073 INFO - Shutting down...
Perform ZAProxy
Skip loadSession
Spider the site [http://192.168.59.103:35001]
115799 [Thread-19] INFO org.zaproxy.zap.extension.spider.SpiderThread  - Starting spidering scan on SpiderApi-0 at Tue Jul 07 08:23:40 UTC 2015
115800 [Thread-19] INFO org.zaproxy.zap.spider.Spider  - Spider initializing...
Status spider = 0%
Alerts number = 		ApiResponseElement numberOfAlerts = 0

115828 [Thread-19] INFO org.zaproxy.zap.spider.Spider  - Starting spider...
115830 [Thread-19] INFO org.zaproxy.zap.spider.Spider  - Adding seed for spider: http://192.168.59.103:35001
115833 [Thread-19] INFO org.zaproxy.zap.spider.Spider  - Adding seed for spider: http://192.168.59.103:35001/robots.txt
115837 [Thread-19] INFO org.zaproxy.zap.spider.Spider  - Adding seed for spider: http://192.168.59.103:35001/sitemap.xml
115842 [Thread-19] INFO org.zaproxy.zap.spider.Spider  - Adding seed for spider: http://192.168.59.103:35001/login.php
115849 [Thread-19] INFO org.zaproxy.zap.spider.Spider  - Adding seed for spider: http://192.168.59.103:35001/robots.txt
115849 [Thread-19] INFO org.zaproxy.zap.spider.Spider  - Adding seed for spider: http://192.168.59.103:35001/sitemap.xml
115849 [Thread-19] INFO org.zaproxy.zap.spider.Spider  - Adding seed for spider: http://192.168.59.103:35001/dvwa
115851 [Thread-19] INFO org.zaproxy.zap.spider.Spider  - Adding seed for spider: http://192.168.59.103:35001/robots.txt
115851 [Thread-19] INFO org.zaproxy.zap.spider.Spider  - Adding seed for spider: http://192.168.59.103:35001/sitemap.xml
115851 [Thread-19] INFO org.zaproxy.zap.spider.Spider  - Adding seed for spider: http://192.168.59.103:35001/dvwa/css
115851 [Thread-19] INFO org.zaproxy.zap.spider.Spider  - Adding seed for spider: http://192.168.59.103:35001/robots.txt
115851 [Thread-19] INFO org.zaproxy.zap.spider.Spider  - Adding seed for spider: http://192.168.59.103:35001/sitemap.xml
115851 [Thread-19] INFO org.zaproxy.zap.spider.Spider  - Adding seed for spider: http://192.168.59.103:35001/dvwa/css/login.css
115860 [Thread-19] INFO org.zaproxy.zap.spider.Spider  - Adding seed for spider: http://192.168.59.103:35001/robots.txt
115860 [Thread-19] INFO org.zaproxy.zap.spider.Spider  - Adding seed for spider: http://192.168.59.103:35001/sitemap.xml
115860 [Thread-19] INFO org.zaproxy.zap.spider.Spider  - Adding seed for spider: http://192.168.59.103:35001/dvwa/css/main.css
115861 [Thread-19] INFO org.zaproxy.zap.spider.Spider  - Adding seed for spider: http://192.168.59.103:35001/robots.txt
115862 [Thread-19] INFO org.zaproxy.zap.spider.Spider  - Adding seed for spider: http://192.168.59.103:35001/sitemap.xml
115862 [Thread-19] INFO org.zaproxy.zap.spider.Spider  - Adding seed for spider: http://192.168.59.103:35001/dvwa/images
115863 [Thread-19] INFO org.zaproxy.zap.spider.Spider  - Adding seed for spider: http://192.168.59.103:35001/robots.txt
115863 [Thread-19] INFO org.zaproxy.zap.spider.Spider  - Adding seed for spider: http://192.168.59.103:35001/sitemap.xml
115863 [Thread-19] INFO org.zaproxy.zap.spider.Spider  - Adding seed for spider: http://192.168.59.103:35001/dvwa/js
115864 [Thread-19] INFO org.zaproxy.zap.spider.Spider  - Adding seed for spider: http://192.168.59.103:35001/robots.txt
115864 [Thread-19] INFO org.zaproxy.zap.spider.Spider  - Adding seed for spider: http://192.168.59.103:35001/sitemap.xml
115864 [Thread-19] INFO org.zaproxy.zap.spider.Spider  - Adding seed for spider: http://192.168.59.103:35001/dvwa/js/dvwaPage.js
115864 [Thread-19] INFO org.zaproxy.zap.spider.Spider  - Adding seed for spider: http://192.168.59.103:35001/robots.txt
115864 [Thread-19] INFO org.zaproxy.zap.spider.Spider  - Adding seed for spider: http://192.168.59.103:35001/sitemap.xml
115864 [Thread-19] INFO org.zaproxy.zap.spider.Spider  - Adding seed for spider: http://192.168.59.103:35001/login.php
115864 [Thread-19] INFO org.zaproxy.zap.spider.Spider  - Adding seed for spider: http://192.168.59.103:35001/robots.txt
115864 [Thread-19] INFO org.zaproxy.zap.spider.Spider  - Adding seed for spider: http://192.168.59.103:35001/sitemap.xml
115864 [Thread-19] INFO org.zaproxy.zap.spider.Spider  - Adding seed for spider: http://192.168.59.103:35001/index.php
115872 [Thread-19] INFO org.zaproxy.zap.spider.Spider  - Adding seed for spider: http://192.168.59.103:35001/robots.txt
115873 [Thread-19] INFO org.zaproxy.zap.spider.Spider  - Adding seed for spider: http://192.168.59.103:35001/sitemap.xml
115873 [Thread-19] INFO org.zaproxy.zap.spider.Spider  - Adding seed for spider: http://192.168.59.103:35001/vulnerabilities
115876 [Thread-19] INFO org.zaproxy.zap.spider.Spider  - Adding seed for spider: http://192.168.59.103:35001/robots.txt
115876 [Thread-19] INFO org.zaproxy.zap.spider.Spider  - Adding seed for spider: http://192.168.59.103:35001/sitemap.xml
115876 [Thread-19] INFO org.zaproxy.zap.spider.Spider  - Adding seed for spider: http://192.168.59.103:35001/vulnerabilities/sqli/
115876 [Thread-19] INFO org.zaproxy.zap.spider.Spider  - Adding seed for spider: http://192.168.59.103:35001/robots.txt
115876 [Thread-19] INFO org.zaproxy.zap.spider.Spider  - Adding seed for spider: http://192.168.59.103:35001/sitemap.xml
115876 [Thread-19] INFO org.zaproxy.zap.spider.Spider  - Adding seed for spider: http://192.168.59.103:35001/vulnerabilities/sqli/?id=1+OR+1%3D1+--&Submit=Submit
115877 [Thread-19] INFO org.zaproxy.zap.spider.Spider  - Adding seed for spider: http://192.168.59.103:35001/robots.txt
115877 [Thread-19] INFO org.zaproxy.zap.spider.Spider  - Adding seed for spider: http://192.168.59.103:35001/sitemap.xml
116229 [pool-1-thread-2] INFO org.zaproxy.zap.spider.Spider  - Spidering process is complete. Shutting down...
116230 [Thread-20] INFO org.zaproxy.zap.extension.spider.SpiderThread  - Spider scanning complete: true
Scan the site [http://192.168.59.103:35001]
Scan url [http://192.168.59.103:35001] with the following policy [Default policy]
116851 [ZAP-ProxyThread-12] INFO org.parosproxy.paros.core.scanner.PluginFactory  - loaded plugin Path Traversal
116852 [ZAP-ProxyThread-12] INFO org.parosproxy.paros.core.scanner.PluginFactory  - loaded plugin Remote File Inclusion
116852 [ZAP-ProxyThread-12] INFO org.parosproxy.paros.core.scanner.PluginFactory  - loaded plugin Server Side Include
116852 [ZAP-ProxyThread-12] INFO org.parosproxy.paros.core.scanner.PluginFactory  - loaded plugin Cross Site Scripting (Reflected)
116852 [ZAP-ProxyThread-12] INFO org.parosproxy.paros.core.scanner.PluginFactory  - loaded plugin Cross Site Scripting (Persistent)
116852 [ZAP-ProxyThread-12] INFO org.parosproxy.paros.core.scanner.PluginFactory  - loaded plugin SQL Injection
116852 [ZAP-ProxyThread-12] INFO org.parosproxy.paros.core.scanner.PluginFactory  - loaded plugin Server Side Code Injection
116853 [ZAP-ProxyThread-12] INFO org.parosproxy.paros.core.scanner.PluginFactory  - loaded plugin Remote OS Command Injection
116853 [ZAP-ProxyThread-12] INFO org.parosproxy.paros.core.scanner.PluginFactory  - loaded plugin Directory Browsing
116853 [ZAP-ProxyThread-12] INFO org.parosproxy.paros.core.scanner.PluginFactory  - loaded plugin External Redirect
116853 [ZAP-ProxyThread-12] INFO org.parosproxy.paros.core.scanner.PluginFactory  - loaded plugin CRLF Injection
116853 [ZAP-ProxyThread-12] INFO org.parosproxy.paros.core.scanner.PluginFactory  - loaded plugin Parameter Tampering
116853 [ZAP-ProxyThread-12] INFO org.parosproxy.paros.core.scanner.PluginFactory  - loaded plugin Cross Site Scripting (Persistent) - Prime
116853 [ZAP-ProxyThread-12] INFO org.parosproxy.paros.core.scanner.PluginFactory  - loaded plugin Cross Site Scripting (Persistent) - Spider
116853 [ZAP-ProxyThread-12] INFO org.parosproxy.paros.core.scanner.PluginFactory  - loaded plugin Script active scan rules
116855 [ZAP-ProxyThread-12] INFO org.parosproxy.paros.core.scanner.Scanner  - scanner started
116859 [Thread-21] INFO org.parosproxy.paros.core.scanner.PluginFactory  - loaded plugin Path Traversal
116861 [Thread-21] INFO org.parosproxy.paros.core.scanner.PluginFactory  - loaded plugin Remote File Inclusion
116862 [Thread-21] INFO org.parosproxy.paros.core.scanner.PluginFactory  - loaded plugin Server Side Include
116862 [Thread-21] INFO org.parosproxy.paros.core.scanner.PluginFactory  - loaded plugin Cross Site Scripting (Reflected)
116862 [Thread-21] INFO org.parosproxy.paros.core.scanner.PluginFactory  - loaded plugin Cross Site Scripting (Persistent)
116862 [Thread-21] INFO org.parosproxy.paros.core.scanner.PluginFactory  - loaded plugin SQL Injection
116863 [Thread-21] INFO org.parosproxy.paros.core.scanner.PluginFactory  - loaded plugin Server Side Code Injection
116863 [Thread-21] INFO org.parosproxy.paros.core.scanner.PluginFactory  - loaded plugin Remote OS Command Injection
116868 [Thread-21] INFO org.parosproxy.paros.core.scanner.PluginFactory  - loaded plugin Directory Browsing
116868 [Thread-21] INFO org.parosproxy.paros.core.scanner.PluginFactory  - loaded plugin External Redirect
116869 [Thread-21] INFO org.parosproxy.paros.core.scanner.PluginFactory  - loaded plugin CRLF Injection
116870 [Thread-21] INFO org.parosproxy.paros.core.scanner.PluginFactory  - loaded plugin Parameter Tampering
116870 [Thread-21] INFO org.parosproxy.paros.core.scanner.PluginFactory  - loaded plugin Cross Site Scripting (Persistent) - Prime
116870 [Thread-21] INFO org.parosproxy.paros.core.scanner.PluginFactory  - loaded plugin Cross Site Scripting (Persistent) - Spider
116870 [Thread-21] INFO org.parosproxy.paros.core.scanner.PluginFactory  - loaded plugin Script active scan rules
Status scan = 0%
Alerts number = 		ApiResponseElement numberOfAlerts = 0

Messages number = 		ApiResponseElement numberOfMessages = 109

116925 [Thread-22] INFO org.parosproxy.paros.core.scanner.HostProcess  - start host http://192.168.59.103:35001 | TestPathTraversal strength INSANE threshold HIGH
Status scan = 0%
Alerts number = 		ApiResponseElement numberOfAlerts = 410

Messages number = 		ApiResponseElement numberOfMessages = 1618

Status scan = 0%
Alerts number = 		ApiResponseElement numberOfAlerts = 410

Messages number = 		ApiResponseElement numberOfMessages = 3171

128100 [Thread-22] INFO org.parosproxy.paros.core.scanner.HostProcess  - completed host/plugin http://192.168.59.103:35001 | TestPathTraversal in 11.175s
128101 [Thread-22] INFO org.parosproxy.paros.core.scanner.HostProcess  - start host http://192.168.59.103:35001 | TestRemoteFileInclude strength INSANE threshold HIGH
131246 [Thread-22] INFO org.parosproxy.paros.core.scanner.HostProcess  - completed host/plugin http://192.168.59.103:35001 | TestRemoteFileInclude in 3.145s
131246 [Thread-22] INFO org.parosproxy.paros.core.scanner.HostProcess  - start host http://192.168.59.103:35001 | TestServerSideInclude strength INSANE threshold HIGH
Status scan = 13%
Alerts number = 		ApiResponseElement numberOfAlerts = 410

Messages number = 		ApiResponseElement numberOfMessages = 3804

133979 [Thread-22] INFO org.parosproxy.paros.core.scanner.HostProcess  - completed host/plugin http://192.168.59.103:35001 | TestServerSideInclude in 2.733s
133980 [Thread-22] INFO org.parosproxy.paros.core.scanner.HostProcess  - start host http://192.168.59.103:35001 | TestCrossSiteScriptV2 strength INSANE threshold HIGH
135849 [Thread-22] INFO org.parosproxy.paros.core.scanner.HostProcess  - completed host/plugin http://192.168.59.103:35001 | TestCrossSiteScriptV2 in 1.869s
135849 [Thread-22] INFO org.parosproxy.paros.core.scanner.HostProcess  - start host http://192.168.59.103:35001 | TestSQLInjection strength INSANE threshold HIGH
Status scan = 26%
Alerts number = 		ApiResponseElement numberOfAlerts = 410

Messages number = 		ApiResponseElement numberOfMessages = 4115

139199 [Thread-22] INFO org.parosproxy.paros.core.scanner.HostProcess  - completed host/plugin http://192.168.59.103:35001 | TestSQLInjection in 3.35s
139199 [Thread-22] INFO org.parosproxy.paros.core.scanner.HostProcess  - start host http://192.168.59.103:35001 | CodeInjectionPlugin strength INSANE threshold HIGH
141101 [Thread-22] INFO org.parosproxy.paros.core.scanner.HostProcess  - completed host/plugin http://192.168.59.103:35001 | CodeInjectionPlugin in 1.902s
141101 [Thread-22] INFO org.parosproxy.paros.core.scanner.HostProcess  - start host http://192.168.59.103:35001 | CommandInjectionPlugin strength INSANE threshold HIGH
Status scan = 40%
Alerts number = 		ApiResponseElement numberOfAlerts = 410

Messages number = 		ApiResponseElement numberOfMessages = 4708

144620 [Thread-22] INFO org.parosproxy.paros.core.scanner.HostProcess  - completed host/plugin http://192.168.59.103:35001 | CommandInjectionPlugin in 3.519s
144620 [Thread-22] INFO org.parosproxy.paros.core.scanner.HostProcess  - start host http://192.168.59.103:35001 | TestDirectoryBrowsing strength INSANE threshold HIGH
Status scan = 46%
Alerts number = 		ApiResponseElement numberOfAlerts = 417

Messages number = 		ApiResponseElement numberOfMessages = 4964

149968 [Thread-22] INFO org.parosproxy.paros.core.scanner.HostProcess  - completed host/plugin http://192.168.59.103:35001 | TestDirectoryBrowsing in 5.348s
149968 [Thread-22] INFO org.parosproxy.paros.core.scanner.HostProcess  - start host http://192.168.59.103:35001 | TestExternalRedirect strength INSANE threshold HIGH
152325 [Thread-22] INFO org.parosproxy.paros.core.scanner.HostProcess  - completed host/plugin http://192.168.59.103:35001 | TestExternalRedirect in 2.357s
152325 [Thread-22] INFO org.parosproxy.paros.core.scanner.HostProcess  - start host http://192.168.59.103:35001 | TestInjectionCRLF strength INSANE threshold HIGH
Status scan = 60%
Alerts number = 		ApiResponseElement numberOfAlerts = 417

Messages number = 		ApiResponseElement numberOfMessages = 5177

154033 [Thread-22] INFO org.parosproxy.paros.core.scanner.HostProcess  - completed host/plugin http://192.168.59.103:35001 | TestInjectionCRLF in 1.707s
154033 [Thread-22] INFO org.parosproxy.paros.core.scanner.HostProcess  - start host http://192.168.59.103:35001 | TestParameterTamper strength INSANE threshold HIGH
156152 [Thread-22] INFO org.parosproxy.paros.core.scanner.HostProcess  - completed host/plugin http://192.168.59.103:35001 | TestParameterTamper in 2.119s
156153 [Thread-22] INFO org.parosproxy.paros.core.scanner.HostProcess  - start host http://192.168.59.103:35001 | TestPersistentXSSPrime strength INSANE threshold HIGH
158040 [Thread-22] INFO org.parosproxy.paros.core.scanner.HostProcess  - completed host/plugin http://192.168.59.103:35001 | TestPersistentXSSPrime in 1.887s
158041 [Thread-22] INFO org.parosproxy.paros.core.scanner.HostProcess  - start host http://192.168.59.103:35001 | TestPersistentXSSSpider strength INSANE threshold HIGH
Status scan = 80%
Alerts number = 		ApiResponseElement numberOfAlerts = 417

Messages number = 		ApiResponseElement numberOfMessages = 5304

163309 [Thread-22] INFO org.parosproxy.paros.core.scanner.HostProcess  - completed host/plugin http://192.168.59.103:35001 | TestPersistentXSSSpider in 5.268s
163309 [Thread-22] INFO org.parosproxy.paros.core.scanner.HostProcess  - start host http://192.168.59.103:35001 | TestPersistentXSSAttack strength INSANE threshold HIGH
Status scan = 86%
Alerts number = 		ApiResponseElement numberOfAlerts = 417

164547 [Thread-22] INFO org.parosproxy.paros.core.scanner.HostProcess  - completed host/plugin http://192.168.59.103:35001 | TestPersistentXSSAttack in 1.238s
164547 [Thread-22] INFO org.parosproxy.paros.core.scanner.HostProcess  - start host http://192.168.59.103:35001 | ScriptsActiveScanner strength INSANE threshold HIGH
Messages number = 		ApiResponseElement numberOfMessages = 5345

165811 [Thread-22] INFO org.parosproxy.paros.core.scanner.HostProcess  - completed host/plugin http://192.168.59.103:35001 | ScriptsActiveScanner in 1.263s
165812 [Thread-22] INFO org.parosproxy.paros.core.scanner.HostProcess  - completed host http://192.168.59.103:35001 in 48.938s
165814 [Thread-21] INFO org.parosproxy.paros.core.scanner.Scanner  - scanner completed in 48.958s
File [/var/jenkins_home/jobs/test_zap_selenium/workspace/report_zap.html] saved
Save session to [/var/jenkins_home/jobs/test_zap_selenium/workspace/DefaultSession]
170029 [ZAP-ProxyThread-55] INFO org.parosproxy.paros.control.Control  - Save Session
170029 [ZAP-ProxyThread-55] INFO org.parosproxy.paros.core.scanner.Scanner  - scanner stopped
170038 [Thread-833] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE  - dataFileCache commit start
170087 [Thread-833] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE  - Database closed
170254 [Thread-833] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE  - dataFileCache open start
170256 [Thread-833] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE  - dataFileCache open end
Total alerts = 		ApiResponseElement numberOfAlerts = 417

Total messages = 		ApiResponseElement numberOfMessages = 5345

Shutdown ZAProxy
Finished: SUCCESS