Closed 26ayushagarwal closed 4 years ago
Thank you for reporting the issue. Could you please validate that the following minimalist patch rectifies it?
--- nselib/mongodb.lua.orig 2019-02-02 18:40:29.517567300 -0700
+++ nselib/mongodb.lua 2019-11-11 18:37:16.574910400 -0700
@@ -127,7 +127,7 @@
end
dbg("Packet length is %d",length)
--Final pack
- return true, string.pack("<I4z", length, elements)
+ return true, string.pack("<I4", length) .. elements .. "\0"
end
-- Reads a null-terminated string. If length is supplied, it is just cut
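Review bot: The changed return line drops the "z" pack item without a comment saying why, so a later cleanup could fold it back into a single format string. Lua's string.pack raises an error when a "z" argument contains embedded zero bytes, which a serialized elements string can; a one-line comment above the return stating that would protect the fix. Please also confirm that the length computed above this hunk counts both the 4-byte prefix and the trailing "\0", since that computation is not visible here.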
@@ -418,7 +418,7 @@
packet:addUnsignedInt32(0); -- options
packet:addString(collectionName);
packet:addUnsignedInt32(0) -- number to skip
- packet:addUnsignedInt32(-1) -- number to return : no limit
+ packet:addUnsignedInt32(0xFFFFFFFF) -- number to return : no limit
local status, error = packet:addBSON(query)
if not status then
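Review bot: The literal 0xFFFFFFFF passed to addUnsignedInt32 is a magic number that only makes sense to a reader who knows it replaced -1. Either extend the trailing comment to say it is the 32-bit pattern of -1, or use a named constant. The overflow in the reported traceback is raised inside addUnsignedInt32 itself, so it is also worth checking its other callers for negative arguments, or masking the argument inside addUnsignedInt32 (value & 0xFFFFFFFF) so that no call site can trigger it again.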
If yes, I would then ask you to test another patch, which is slightly larger but cleaner.
Hello,
While running, mongodb scripts fail with an error message.
Nmap Version : 7.80
/usr/bin/../share/nmap/nselib/mongodb.lua:379: bad argument #2 to 'pack' (unsigned overflow)
stack traceback:
    [C]: in function 'string.pack'
    /usr/bin/../share/nmap/nselib/mongodb.lua:379: in method 'addUnsignedInt32'
    /usr/bin/../share/nmap/nselib/mongodb.lua:421: in function </usr/bin/../share/nmap/nselib/mongodb.lua:416>
    (...tail calls...)
    /usr/bin/../share/nmap/scripts/mongodb-brute.nse:77: in upvalue 'needsAuth'
    /usr/bin/../share/nmap/scripts/mongodb-brute.nse:97: in function </usr/bin/../share/nmap/scripts/mongodb-brute.nse:95>
    (...tail calls...)