No error or warning message seen when tried to perform "NoSQL DB Access Attacks"
Through Set option, Host IP, Mongo Shell IP and TCP port listener is provides and when 2 option i.e. NOSQL DB Access Attacks is enter i.e. 2. It does not error out. It simply remove 2 and prompt is waiting for you to enter any value.
Do you have an idea for a solution?
When option "2. NoSQL DB Access Attacks" is provided it should work or if there is any mistake it should error out.
How can we reproduce the issue?
Installed MongoDB and Create db instance
show dbs
use demo
db.users.save( {username:"demo"} )
db.users.find()
show dbs
Installed NoSQLMap
Run ./noSQLMap and run/selected following options
3.1 Set the target or host IP to 192.168.104.96
3.2 Set the Host IP for Mongo/Shells 192.168.104.96
3.3 Set TCP listener port 4444
3.4 Now select option 2 i.e. NoSQL DB Access Attack
When you hit enter, nothing is happening. No error message or any warning message
What are the running context details?
Installation method ( zip/tar.gz):
tar.gz
Client OS (Ubuntu`)
poc@poc3:~/Downloads/NoSQLMap-master$ uname -a
Linux poc3 4.15.0-20-generic #21-Ubuntu SMP Tue Apr 24 06:16:15 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
Program version (python sqlmap.py --version or sqlmap --version depending on installation):
v.07
NoSQLMap==0.7
Target DBMS (e.g. Mongo):
MongoDB
Detected WAF/IDS/IPS protection (e.g. ModSecurity or unknown):
Unknown
Results of manual target assessment
Relevant console output (if any):
No error or warning message.. Nothing happen when you hit second option i.e. "NoSQLMap DB Access Attacks"
What's the problem (or question)?
No error or warning message seen when tried to perform "NoSQL DB Access Attacks"
Through Set option, Host IP, Mongo Shell IP and TCP port listener is provides and when 2 option i.e. NOSQL DB Access Attacks is enter i.e. 2. It does not error out. It simply remove 2 and prompt is waiting for you to enter any value.
Do you have an idea for a solution?
When option "2. NoSQL DB Access Attacks" is provided it should work or if there is any mistake it should error out.
How can we reproduce the issue?
What are the running context details?
Installation method (
zip
/tar.gz
):tar.gz
Client OS (Ubuntu`)
poc@poc3:~/Downloads/NoSQLMap-master$ uname -a
Linux poc3 4.15.0-20-generic #21-Ubuntu SMP Tue Apr 24 06:16:15 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
Program version (
python sqlmap.py --version
orsqlmap --version
depending on installation):v.07
NoSQLMap==0.7
Target DBMS (e.g.
Mongo
):MongoDB
Detected WAF/IDS/IPS protection (e.g.
ModSecurity
orunknown
):Unknown
Results of manual target assessment
Relevant console output (if any):
No error or warning message.. Nothing happen when you hit second option i.e. "NoSQLMap DB Access Attacks"
Exception traceback (if any): None