"
During the actual tutorial at the conference, you will be in a dedicated wireless network where
no such HTTP proxy is needed; accordingly, please delete the proxy settings in WebScarab at
the start of the tutorial. However, to test WebScarab at your current location, you will need to
enter the HTTP proxy settings that apply to you there (the instructor cannot help you to find
out these settings; please ask a colleague or your help desk if you don’t know these settings).
Here is an example for the HTTP proxy settings (do not copy: these are valid only within the
instructor’s company network):
"
Between that and reading the error message on the terminal window where I start the Webscarab I figured it out. At first I started Googling the error messages on the page on Firefox errors below
WebScarab encountered an error trying to retrieve
GET http://127.0.0.1:8080/WebGoat/attack HTTP/1.1
Host: 127.0.0.1:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130308 Firefox/17.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Proxy-Connection: keep-alive
Cookie: JSESSIONID=608FFA0267805397313D8AB48E491DB6
Authorization: Basic Z3Vlc3Q6Z3Vlc3Q=
The error was :
proxy.proxy.com
at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:175)
at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:384)
at java.net.Socket.connect(Socket.java:546)
at org.owasp.webscarab.httpclient.URLFetcher.connect(URLFetcher.java:368)
at org.owasp.webscarab.httpclient.URLFetcher.fetchResponse(URLFetcher.java:229)
at org.owasp.webscarab.plugin.proxy.RevealHidden$Plugin.fetchResponse(RevealHidden.java:100)
at org.owasp.webscarab.plugin.proxy.ManualEdit$Plugin.fetchResponse(ManualEdit.java:243)
at org.owasp.webscarab.plugin.proxy.ConnectionHandler.run(ConnectionHandler.java:233)
at java.lang.Thread.run(Thread.java:679)
GET http://127.0.0.1:8080/WebGoat/attack HTTP/1.1
Host: 127.0.0.1:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130308 Firefox/17.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Proxy-Connection: keep-alive
Cookie: JSESSIONID=608FFA0267805397313D8AB48E491DB6
Authorization: Basic Z3Vlc3Q6Z3Vlc3Q=
The error was :
proxy.proxy.com
at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:175)
at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:384)
at java.net.Socket.connect(Socket.java:546)
at org.owasp.webscarab.httpclient.URLFetcher.connect(URLFetcher.java:368)
at org.owasp.webscarab.httpclient.URLFetcher.fetchResponse(URLFetcher.java:229)
at org.owasp.webscarab.plugin.proxy.RevealHidden$Plugin.fetchResponse(RevealHidden.java:100)
at org.owasp.webscarab.plugin.proxy.ManualEdit$Plugin.fetchResponse(ManualEdit.java:243)
at org.owasp.webscarab.plugin.proxy.ConnectionHandler.run(ConnectionHandler.java:233)
at java.lang.Thread.run(Thread.java:679)
I couldn't find a straight answer but everything kept stating "Creates a socket and connects it to the specified address on the specified port" so I start thinking "WTF! Am I? ME!? Going to have to setup and configure a local proxy on this machine for it to work?" I go back to the Configuration instructions and something stuck out
During the actual tutorial at the conference, you will be in a dedicated wireless network where
no such HTTP proxy is needed; accordingly, please delete the proxy settings in WebScarab at
the start of the tutorial
A thought came to mind "Maybe, just maybe I DON'T have to setup a proxt in Webscarab. My server is not connected to the internet or any network for that matter." So I deleted the proxy settings in Webscarab and once again try to browse to http://127.0.0.1:8080/WebGoat/attack. Webcarab opens as it does in intercept mode and then I hit "Accept Changes" and BAM! I get the Webgoat login prompt. YAY!!!!!!!!!!!
That's it for now, until I run into another issue to document. PEACE! (^__^)v
No comments:
Post a Comment