TestInsecureHTTPVerbs.py scan failed with SocketTimeoutException #63
Description
Community script TestInsecureHTTPVerbs.py fails every time with the following stack :
java.net.SocketTimeoutException: java.net.SocketTimeoutException: Read timed out Traceback (most recent call last): File "<script>", line 69, in scanNode File "<script>", line 56, in TestTheURIForInsecureVerbs File "<script>", line 56, in TestTheURIForInsecureVerbs at java.net.SocketInputStream.socketRead0(Native Method) at java.net.SocketInputStream.read(Unknown Source) at java.net.SocketInputStream.read(Unknown Source) at java.io.BufferedInputStream.fill(Unknown Source) at java.io.BufferedInputStream.read(Unknown Source) at org.apache.commons.httpclient.HttpParser.readRawLine(HttpParser.java:78) at org.apache.commons.httpclient.HttpParser.readLine(HttpParser.java:106) at org.apache.commons.httpclient.HttpConnection.readLine(Unknown Source) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.readLine(MultiThreadedHttpConnectionManager.java:1413) at org.apache.commons.httpclient.HttpMethodBase.readStatusLine(Unknown Source) at org.apache.commons.httpclient.HttpMethodBase.readResponse(Unknown Source) at org.apache.commons.httpclient.HttpMethodBase.execute(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(Unknown Source) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(Unknown Source) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.parosproxy.paros.network.HttpSender.executeMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.runMethod(Unknown Source) at org.parosproxy.paros.network.HttpSender.send(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAuthenticated(Unknown Source) at org.parosproxy.paros.network.HttpSender.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascan.ScriptsActiveScanner.sendAndReceive(Unknown Source) at org.parosproxy.paros.core.scanner.AbstractPlugin.sendAndReceive(Unknown Source) at org.zaproxy.zap.extension.ascan.ScriptsActiveScanner.sendAndReceive(Unknown Source) at sun.reflect.GeneratedMethodAccessor14.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) at java.lang.reflect.Method.invoke(Unknown Source)
This happens on every site I've tested, included those in the comments like http://crackme.cenzic.com . By the way, It fails everytime on the TRACE method.