_ _ ___ ___ _ __ __
| \| |___/ __|/ _ \| | | \/ |__ _ _ __
| .` / _ \__ \ (_) | |__| |\/| / _` | '_ \
|_|\_\___/___/\__\_\____|_| |_\__,_| .__/
v0.7 codingo@protonmail.com |_|
1-Set options
2-NoSQL DB Access Attacks
3-NoSQL Web App attacks
4-Scan for Anonymous MongoDB Access
5-Change Platform (Current: MongoDB)
x-Exit
Select an option: 3
Web App Attacks (POST)
===============
Checking to see if site at<redacted> is up ..
Traceback (most recent call last):
File "./nosqlmap.py", line 544, in <module>
main(args)
File "./nosqlmap.py", line 47, in main
mainMenu()
File "./nosqlmap.py", line 103, in mainMenu
nsmweb.postApps(victim,webPort,uri,https,verb,postData,requestHeaders)
File "/home/dirkw/networking/tools/NoSQLMap/nsmweb.py", line 428, in postApps
appRespCode = urllib2.urlopen(req).getcode()
File "/usr/lib/python2.7/urllib2.py", line 154, in urlopen
return opener.open(url, data, timeout)
File "/usr/lib/python2.7/urllib2.py", line 435, in open
response = meth(req, response)
File "/usr/lib/python2.7/urllib2.py", line 548, in http_response
'http', request, response, code, msg, hdrs)
File "/usr/lib/python2.7/urllib2.py", line 473, in error
return self._call_chain(*args)
File "/usr/lib/python2.7/urllib2.py", line 407, in _call_chain
result = func(*args)
File "/usr/lib/python2.7/urllib2.py", line 556, in http_error_default
raise HTTPError(req.get_full_url(), code, msg, hdrs, fp)
urllib2.HTTPError: HTTP Error 500: Internal Server Error
I was exactly trying to use this tool bc of the 500 I spotted manually. It signals to me either the application can't swallow what I am sending or it is passing the characters to the NoSQL DB and then the error occurs for one or the other reason.
Debian 10, fresh pull.
I was exactly trying to use this tool bc of the 500 I spotted manually. It signals to me either the application can't swallow what I am sending or it is passing the characters to the NoSQL DB and then the error occurs for one or the other reason.