search

codingo / NoSQLMap

Automated NoSQL database enumeration and web application exploitation tool.
GNU General Public License v3.0
2.88k stars 577 forks source link

fixed injectSize type error for Post attacks #81

Closed alexdetrano closed 5 years ago

alexdetrano commented 5 years ago

injectSize needs to be converted to an int before being passed to range argument. Otherwise we get a typeError since it is a string.

alexdetrano commented 5 years ago

also added a fix for parsing a burp file, where the trailing newline is not trimmed when reading the host address. This is a quick fix, the better way would be to remove all trailing lines as soon as we read in the file. But if we make that fix, we should also not use readlines since it has to read the whole file into memory, but instead do something like:

reqData = []
with open(loadpath, "r") as fo:
    for line in fo:
        reqData.append(line.rstrip())
alexdetrano commented 5 years ago

figured I'd make the change I just mentioned. So now we strip each line in a file as soon as we read it in. Also moved the file open into a with block, so that we don't have to worry about closing the file once we're done with it.

codingo commented 5 years ago

Excellent, thank-you! For a while now I've been rewriting this to take proper arguments / CLI input which will help to harden a lot of this. The pull request is still very appreciated however.