ValueError:基数为 10 的 int() 的文字无效:运行 .py 脚本进行 zap 测试时“does_not_exist”

问题描述 投票:0回答:1

我正在对两个 .Net 微服务进行 Zap 测试,并使用 Git Actions 自动化该过程,工作流程运行良好,没有任何错误,但是一旦我更新了代码库并在代码中添加了功能标志,它就会出现问题。 返回上述错误。下面是.py文件

 #!/usr/bin/env python
   import time
   import datetime
   import os
   import requests
   from pprint import pprint
   from pprint import pprint
   from zapv2 import ZAPv2 
   from zapv2 import ZAPv2 as ZAP
   from selenium.webdriver.firefox.options import Options as FirefoxOptions

   # The URL of the application to be tested
   target = 'http://localhost:5074/hello'
   # Change to match the API key set in ZAP, or use None if the API key is 
   disabled
   apiKey = 'xxxxxxxxxxxxxxx'

   firefox_options = FirefoxOptions()
   firefox_options.headless = True

   # By default ZAP API client will connect to port 8080
   # zap = ZAPv2(apikey=apiKey)
   # Use the line below if ZAP is not listening on port 8080, for example, 
   if listening on port 8090
   zap = ZAPv2(apikey=apiKey, proxies={'http': 'http://127.0.0.1:8090', 
   'https': 'http://127.0.0.1:8090'})

   print('Spidering target {}'.format(target))
   # The scan returns a scan id to support concurrent scanning
   scanID = zap.spider.scan(target)
   while int(zap.spider.status(scanID)) < 100:
       # Poll the status until it completes
       print('Spider progress %: {}'.format(zap.spider.status(scanID)))
       time.sleep(1)

   print('Spider has completed!')
   # Prints the URLs the spider has crawled
   print('\n'.join(map(str, zap.spider.results(scanID))))
   # If required post process the spider results

   # TODO: Explore the Application more with Ajax Spider or Start scanning 
   the application for vulnerabilities

   print('Ajax Spider target {}'.format(target))
   scanID = zap.ajaxSpider.scan(target)

   timeout = time.time() + 60*2   # 2 minutes from now
   # Loop until the ajax spider has finished or the timeout has exceeded
   while zap.ajaxSpider.status == 'running':
       if time.time() > timeout:
           break
       print('Ajax Spider status' + zap.ajaxSpider.status)
       time.sleep(2)

   print('Ajax Spider completed')
   ajaxResults = zap.ajaxSpider.results(start=0, count=10)
   # If required perform additional operations with the Ajax Spider results

   # TODO: Start scanning the application to find vulnerabilities
   print('Active Scanning target {}'.format(target))
   scanID = zap.ascan.scan(target)
   print(scanID)
   print(zap.ascan.status(scanID))
   while int(zap.ascan.status(scanID)) < 100:
       # Loop until the scanner has finished
       print('Scan progress %: {}'.format(zap.ascan.status(scanID)))
       time.sleep(25)

   print('Active Scan completed')
   # Print vulnerabilities found by the scanning
   print('Hosts: {}'.format(', '.join(zap.core.hosts)))
   print('Alerts: ')
   pprint(zap.core.alerts(baseurl=target))

   ###########
   alerts = zap.core.alerts(baseurl=target)
   print('Alerts: ')
   pprint(alerts)

   with open("zap-alerts.txt", "w") as f:
       f.write("Alerts:\n")
       for alert in alerts:
           f.write(str(alert) + "\n")


   # Shut down ZAP
   zap.core.shutdown()

以下是我遇到的具体错误

    Ajax Spider completed
Active Scanning target http://localhost:5074/hello
url_not_found
does_not_exist
Traceback (most recent call last):
  File "/home/cl/Desktop/Feature-toggling /sample-services/Sample-services/zap-testing.py", line 60, in <module>
    while int(zap.ascan.status(scanID)) < 100:
          ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
ValueError: invalid literal for int() with base 10: 'does_not_exist'

我搜索了将以下内容转换为 int 的替代方法,但失败了,任何人都可以指导我解决此错误。

python error-handling zap
1个回答
0
投票

问题出在 docker compose 文件上,因为在调整标志后,服务使用端口 8080 而不是 80。我更新了它,现在一切都很好。

最新问题
© www.soinside.com 2019 - 2025. All rights reserved.