codingo / NoSQLMap

Automated NoSQL database enumeration and web application exploitation tool.
GNU General Public License v3.0

Fixed bugs in choosing payload length and format #71

Closed CaptainFreak closed 5 years ago

CaptainFreak commented 5 years ago

Fixed the following bug and other relevant errors in the NoSQL web attack.

  _     ___  ___  _    __  __           
| \| |___/ __|/ _ \| |  |  \/  |__ _ _ __ 
| .` / _ \__ \ (_) | |__| |\/| / _` | '_ \
|_|\_\___/___/\__\_\____|_|  |_\__,_| .__/
 v0.7 codingo@protonmail.com        |_|   

1-Set options
2-NoSQL DB Access Attacks
3-NoSQL Web App attacks
4-Scan for Anonymous MongoDB Access
5-Change Platform (Current: MongoDB)
x-Exit
Select an option: 3
Web App Attacks (GET)
===============
Checking to see if site at http://juice-shop.herokuapp.com:80/#/track-result?id=juice-shop.herokuapp.com/#/track-result … is up...
App is up!
Baseline test-Enter random string size: 5
What format should the random string take?
1-Alphanumeric
2-Letters only
3-Numbers only
4-Email address
Select an option: 1
Select an option: 1
Select an option: 1
Select an option: 1
Select an option: 1
Select an option: 1
Select an option: 1
Select an option: 1
Select an option: 1
Select an option: 1
Select an option: 1
Select an option:

codingo commented 5 years ago

Awesome work. I'm out at the moment but will review this ASAP.

CaptainFreak commented 5 years ago

Was this due to recent changes? Observed that other people are also noticing this bug at the same time. :)

codingo commented 5 years ago

Closes #70