search

stampery / mongoaudit

🔥 A powerful MongoDB auditing and pentesting tool 🔥
https://mongoaud.it
MIT License
1.32k stars 136 forks source link

Authenticated Option Crashes When Testing CVEs (Test #18 or #19) #38

Open bonedaddy opened 5 years ago

bonedaddy commented 5 years ago 
Traceback (most recent call last):
  File "./mongoaudit", line 11, in <module>
    sys.exit(main())
  File "/home/rtrade/.local/lib/python2.7/site-packages/mongoaudit/__main__.py", line 64, in main
    App().main()
  File "/home/rtrade/.local/lib/python2.7/site-packages/mongoaudit/__main__.py", line 23, in __init__
    self.main()
  File "/home/rtrade/.local/lib/python2.7/site-packages/mongoaudit/__main__.py", line 58, in main
    self.loop.run()
  File "/home/rtrade/.local/lib/python2.7/site-packages/urwid/main_loop.py", line 286, in run
    self._run()
  File "/home/rtrade/.local/lib/python2.7/site-packages/urwid/main_loop.py", line 384, in _run
    self.event_loop.run()
  File "/home/rtrade/.local/lib/python2.7/site-packages/urwid/main_loop.py", line 788, in run
    self._loop()
  File "/home/rtrade/.local/lib/python2.7/site-packages/urwid/main_loop.py", line 825, in _loop
    self._watch_files[fd]()
  File "/home/rtrade/.local/lib/python2.7/site-packages/urwid/raw_display.py", line 404, in <lambda>
    event_loop, callback, self.get_available_raw_input())
  File "/home/rtrade/.local/lib/python2.7/site-packages/urwid/raw_display.py", line 502, in parse_input
    callback(processed, processed_codes)
  File "/home/rtrade/.local/lib/python2.7/site-packages/urwid/main_loop.py", line 411, in _update
    self.process_input(keys)
  File "/home/rtrade/.local/lib/python2.7/site-packages/urwid/main_loop.py", line 511, in process_input
    k = self._topmost_widget.keypress(self.screen_size, k)
  File "/home/rtrade/.local/lib/python2.7/site-packages/urwid/container.py", line 595, in keypress
    *self.calculate_padding_filler(size, True)), key)
  File "/home/rtrade/.local/lib/python2.7/site-packages/urwid/container.py", line 1590, in keypress
    key = self.focus.keypress(tsize, key)
  File "/home/rtrade/.local/lib/python2.7/site-packages/mongoaudit/widgets.py", line 220, in keypress
    return self.__super.keypress(size, key)
  File "/home/rtrade/.local/lib/python2.7/site-packages/urwid/container.py", line 1590, in keypress
    key = self.focus.keypress(tsize, key)
  File "/home/rtrade/.local/lib/python2.7/site-packages/urwid/decoration.py", line 622, in keypress
    return self._original_widget.keypress(maxvals, key)
  File "/home/rtrade/.local/lib/python2.7/site-packages/urwid/container.py", line 2271, in keypress
    key = w.keypress((mc,) + size[1:], key)
  File "/home/rtrade/.local/lib/python2.7/site-packages/urwid/wimp.py", line 540, in keypress
    self._emit('click')
  File "/home/rtrade/.local/lib/python2.7/site-packages/urwid/widget.py", line 460, in _emit
    signals.emit_signal(self, name, self, *args)
  File "/home/rtrade/.local/lib/python2.7/site-packages/urwid/signals.py", line 265, in emit
    result |= self._call_callback(callback, user_arg, user_args, args)
  File "/home/rtrade/.local/lib/python2.7/site-packages/urwid/signals.py", line 295, in _call_callback
    return bool(callback(*args_to_pass))
  File "/home/rtrade/.local/lib/python2.7/site-packages/mongoaudit/widgets.py", line 184, in next
    self.callbacks['next'](form=self, **(self.get_field_values()))
  File "/home/rtrade/.local/lib/python2.7/site-packages/mongoaudit/cards.py", line 101, in _next
    self.run_test(cred, title, tester, tests)
  File "/home/rtrade/.local/lib/python2.7/site-packages/mongoaudit/cards.py", line 129, in run_test
    test_runner.run(self.app)
  File "/home/rtrade/.local/lib/python2.7/site-packages/mongoaudit/widgets.py", line 271, in run
    self.tester.run(self.each, self.end)
  File "/home/rtrade/.local/lib/python2.7/site-packages/mongoaudit/testers/testers.py", line 45, in run
    res = test.run()
  File "/home/rtrade/.local/lib/python2.7/site-packages/mongoaudit/testers/testers.py", line 161, in run
    test_result = TEST_FUNCTIONS[self.test_name](self)
  File "/home/rtrade/.local/lib/python2.7/site-packages/mongoaudit/testers/testers.py", line 276, in <lambda>
    "8": lambda test: TestResult(success=bool(test.tester.get_db())),
  File "/home/rtrade/.local/lib/python2.7/site-packages/mongoaudit/testers/testers.py", line 130, in get_db
    database.authenticate(self.cred['username'], self.cred['password'])
  File "/home/rtrade/.local/lib/python2.7/site-packages/pymongo/database.py", line 1269, in authenticate
    self.name)
  File "/home/rtrade/.local/lib/python2.7/site-packages/pymongo/auth.py", line 107, in _build_credentials_tuple
    raise ConfigurationError("%s requires a username." % (mech,))
pymongo.errors.ConfigurationError: DEFAULT requires a username.

OS:

DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=18.04
DISTRIB_CODENAME=bionic
DISTRIB_DESCRIPTION="Ubuntu 18.04.1 LTS"

Mongo Version:

db version v3.6.3
git version: 9586e557d54ef70f9ca4b43c26892cd55257e1a5
OpenSSL version: OpenSSL 1.1.0g  2 Nov 2017
allocator: tcmalloc
modules: none
build environment:
    distarch: x86_64
    target_arch: x86_64

mongoaudit was installed with pip