After of configure options when I run NoSQL DB Access Attacks, I have this error
1-Set options
2-NoSQL DB Access Attacks
3-NoSQL Web App attacks
4-Scan for Anonymous MongoDB Access
5-Change Platform (Current: MongoDB)
x-Exit
Select an option: 2
DB Access attacks (MongoDB)
=================
Checking to see if credentials are needed...
Traceback (most recent call last):
File "nosqlmap.py", line 544, in <module>
main(args)
File "nosqlmap.py", line 47, in main
mainMenu()
File "nosqlmap.py", line 86, in mainMenu
nsmmongo.netAttacks(victim, dbPort, myIP, myPort)
File "/opt/No-SQL/NoSQLMap/nsmmongo.py", line 36, in netAttacks
needCreds = mongoScan(target,dbPort,False)
File "/opt/No-SQL/NoSQLMap/nsmmongo.py", line 404, in mongoScan
dbList = conn.database_names()
File "/usr/local/lib/python2.7/dist-packages/pymongo/mongo_client.py", line 1936, in database_names
return self.list_database_names(session)
File "/usr/local/lib/python2.7/dist-packages/pymongo/mongo_client.py", line 1918, in list_database_names
for doc in self.list_databases(session, nameOnly=True)]
File "/usr/local/lib/python2.7/dist-packages/pymongo/mongo_client.py", line 1899, in list_databases
res = admin._retryable_read_command(cmd, session=session)
File "/usr/local/lib/python2.7/dist-packages/pymongo/database.py", line 756, in _retryable_read_command
_cmd, read_preference, session)
File "/usr/local/lib/python2.7/dist-packages/pymongo/mongo_client.py", line 1471, in _retryable_read
return func(session, server, sock_info, slave_ok)
File "/usr/local/lib/python2.7/dist-packages/pymongo/database.py", line 753, in _cmd
codec_options, session=session, **kwargs)
File "/usr/local/lib/python2.7/dist-packages/pymongo/database.py", line 637, in _command
client=self.__client)
File "/usr/local/lib/python2.7/dist-packages/pymongo/pool.py", line 694, in command
exhaust_allowed=exhaust_allowed)
File "/usr/local/lib/python2.7/dist-packages/pymongo/network.py", line 161, in command
parse_write_concern_error=parse_write_concern_error)
File "/usr/local/lib/python2.7/dist-packages/pymongo/helpers.py", line 160, in _check_command_response
raise OperationFailure(errmsg, code, response, max_wire_version)
pymongo.errors.OperationFailure: command listDatabases requires authentication, full error: {u'code': 13, u'ok': 0.0, u'$clusterTime': {u'clusterTime': Timestamp(1626337136, 26), u'signature': {u'keyId': 6934662609962532882L, u'hash': Binary('M\x0c\x81\x08\xa0\xaa\x0f\xe0\xdb\x9c$\xa4\xe5\xa2\xf0\xa3\xaf1\x9f\x97', 0)}}, u'codeName': u'Unauthorized', u'operationTime': Timestamp(1626337136, 26), u'errmsg': u'command listDatabases requires authentication'}
Do you have an idea for a solution?
Not
How can we reproduce the issue?
Execute NoSQL DB Access Attacks
What are the running context details?
Installation method git clone
Client OS Linux K1 5.10.0-kali9-amd64 #1 SMP Debian 5.10.46-1kali1 (2021-06-25) x86_64 GNU/Linux
What's the problem (or question)?
After of configure options when I run NoSQL DB Access Attacks, I have this error
Do you have an idea for a solution?
Not
How can we reproduce the issue?
Execute NoSQL DB Access Attacks
What are the running context details?
A greeting and thanks