./nosqlmap.py --https=ON --attack 2 --victim <REDACTED> --webPort 443 --uri <LOGINPATH> --httpMethod POST --postData <faked_username_password_key_value_pairs> --injectFormat 1 --savePath output.log
Web App Attacks (POST)
===============
Checking to see if site at <REDACTED>:443/<LOGINPATH> is up...
Traceback (most recent call last):
File "./nosqlmap.py", line 544, in <module>
main(args)
File "./nosqlmap.py", line 45, in main
attack(args)
File "./nosqlmap.py", line 163, in attack
nsmweb.postApps(victim,webPort,uri,https,verb,postData,requestHeaders, args)
File "NoSQLMap/nsmweb.py", line 428, in postApps
appRespCode = urllib2.urlopen(req).getcode()
File "/usr/lib/python2.7/urllib2.py", line 154, in urlopen
return opener.open(url, data, timeout)
File "/usr/lib/python2.7/urllib2.py", line 435, in open
response = meth(req, response)
File "/usr/lib/python2.7/urllib2.py", line 548, in http_response
'http', request, response, code, msg, hdrs)
File "/usr/lib/python2.7/urllib2.py", line 473, in error
return self._call_chain(*args)
File "/usr/lib/python2.7/urllib2.py", line 407, in _call_chain
result = func(*args)
File "/usr/lib/python2.7/urllib2.py", line 556, in http_error_default
raise HTTPError(req.get_full_url(), code, msg, hdrs, fp)
urllib2.HTTPError: HTTP Error 401: Unauthorized
Why does this thing stop when the application is returning a 401?
Why does this thing stop when the application is returning a 401?
Do I miss something or NoSQLMap?