I want set the POST parameter for 3-NoSQL Web App attacks, but I got List of parameters: empty.
i.g. I want to POST { "id": "123" } to the API,
Select an option: 6
1-Send request as a GET
2-Send request as a POST
Select an option: 2
POST request set
Enter POST data in a comma separated list (i.e. param name 1,value1,param name 2,value2)
'id','123'
But it cannot match param I set.
Select an option: 3
Web App Attacks (POST)
===============
Checking to see if site at 127.0.0.1:3000/inject is up...
App is up!
List of parameters:
Which parameter should we inject? id
Traceback (most recent call last):
File "nosqlmap.py", line 544, in <module>
main(args)
File "nosqlmap.py", line 47, in main
mainMenu()
File "nosqlmap.py", line 103, in mainMenu
nsmweb.postApps(victim,webPort,uri,https,verb,postData,requestHeaders)
File "/home/symant/NoSQLMap/nsmweb.py", line 466, in postApps
injOpt = str(postData.keys()[int(injIndex)-1])
ValueError: invalid literal for int() with base 10: 'id'
What's the problem (or question)?
I want set the POST parameter for
3-NoSQL Web App attacks
, but I gotList of parameters:
empty.i.g. I want to POST
{ "id": "123" }
to the API,But it cannot match param I set.
Thank you for your help!