Running in Docker with a MongoDB container.
Command ran:
docker run --rm -it --link astra-mongo:mongo astra-cli --method GET -u http://<hostname>:19999/api/
Results:
_
/\ | |
/ \ ___| |_ _ __ __ _
/ /\ \ / __| __| '__/ _` |
/ ____ \__ \ |_| | | (_| |
/_/ \_\___/\__|_| \__,_|
[+]http://<hostname>:19999/api/ is vulnerable to cross domain attack
/usr/local/lib/python2.7/site-packages/pymongo/topology.py:150: UserWarning: MongoClient opened before fork. Create MongoClient only after forking. See PyMongo's documentation for details: http://api.mongodb.org/python/current/faq.html#is-pymongo-fork-safe
"MongoClient opened before fork. Create MongoClient only "
Failed to test Broken authentication and session management
Process module-scan:
Traceback (most recent call last):
File "/usr/local/lib/python2.7/multiprocessing/process.py", line 267, in _bootstrap
self.run()
File "/usr/local/lib/python2.7/multiprocessing/process.py", line 114, in run
self._target(*self._args, **self._kwargs)
File "./astra.py", line 121, in modules_scan
sqli_check(url,method,headers,body,scanid)
File "/app/modules/sqli.py", line 116, in sqli_check
set_option_status = set_options_list(url,method,headers,body,taskid)
File "/app/modules/sqli.py", line 34, in set_options_list
if options_list.status_code == 200:
AttributeError: 'NoneType' object has no attribute 'status_code'
Running in Docker with a MongoDB container. Command ran:
docker run --rm -it --link astra-mongo:mongo astra-cli --method GET -u http://<hostname>:19999/api/Results:Running on Kali Linux 2019.2 and Docker 18.09.8
Cheers