View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0003326 | Kali Linux | New Tool Requests | public | 2016-06-01 08:05 | 2020-02-11 16:09 |
Reporter | UNATCO | Assigned To | |||
Priority | normal | Severity | feature | Reproducibility | always |
Status | closed | Resolution | won't fix | ||
Summary | 0003326: NoSQLMap | ||||
Description |
Automated MongoDB and CouchDB database enumeration and cloning attacks. Extraction of database names, users, and password hashes through MongoDB web applications. Scanning subnets or IP lists for MongoDB and CouchDB databases with default access and enumerating versions. Dictionary and brute force password cracking of recovered MongoDB and CouchDB hashes. PHP application parameter injection attacks against MongoClient to return all database records. Javascript function variable escaping and arbitrary code injection to return all database records. Timing based attacks similar to blind SQL injection to validate Javascript injection vulnerabilities with no feedback from the application. | ||||
Steps To Reproduce | Please add to repos when you get the chance. AWESOME tool. | ||||
Additional Information | Note: If you are having issues with testing SSL web applications with self-signed or untrusted certificates on Kali Linux 2.0, this is a known issue. As a workaround, add the certificate to the system trusted certificates which should allow testing to function properly. | ||||
duplicate of | 0002988 | closed | NoSQLMap |
g0tmi1k, sorry for posting a duplicate, but it's such a useful program; had to. Anyone else want this? |
|
Bug Board Firewall blocks me posting the Traceback output when trying to run NoSQLMap after make & install. Seems to think it's some kind of attempted exploit lol. The gist from the Traceback is "ImportError: No module named nsmscan" with NoSQLMap not running. Please, please, please consider adding to the repos. Thanks. |
|
Thanks for supporting my tool guys! Would love to see it in Kali. Self-signed cert issue should be fixed in version 0.7 which is in the "stable" branch on github. NSMScan is an internal module which should be cloned with the Github repo. Email me at [email protected] if you continue to have issues. |
|
tcstool, thank you for posting here. Look forward to seeing your tool in the repos soon. It's badly needed... Have tried to build nosqlmap on multiple installs of Kali and the same Pythhon 2.7 nsmscan problem pops up. The verbatim traceback triggers the Bug Tracker firewall and blocks the post. lmao Contacted the administrators about it already and not much can be done other than posting it as an attachment. |
|
This should be fixed now...In case this was a stopping point from it being added to the repos. |
|
IT WORKS!!! THANK YOU, THANK YOU, THANK YOU!!! Okay... NoSQLMap now works GREAT with Kali. Please add to the repos. Please. |
|
Still working great. Any interest in adding to the repos from the admins? |
|
To help speed up the process of evaluating the tool, please make sure to include the following information (the more information you include, the more beneficial it will for us):
|
|
Its python 2 (currently) - which is EOL https://github.com/codingo/NoSQLMap/issues/97 |
|
Date Modified | Username | Field | Change |
---|---|---|---|
2016-06-01 08:05 | UNATCO | New Issue | |
2016-06-01 08:06 | g0tmi1k | Relationship added | duplicate of 0002988 |
2016-06-16 19:58 | UNATCO | Note Added: 0005384 | |
2016-07-09 14:16 | UNATCO | Note Added: 0005485 | |
2016-07-11 16:17 | tcstool | Note Added: 0005520 | |
2016-07-16 04:56 | UNATCO | Note Added: 0005544 | |
2016-07-21 02:00 | tcstool | Note Added: 0005565 | |
2016-07-21 06:02 | UNATCO | Note Added: 0005566 | |
2016-08-03 23:33 | UNATCO | Note Added: 0005621 | |
2018-01-29 14:23 | g0tmi1k | Summary | Please Add NoSQLMap to the Repos => NoSQLMap |
2018-01-29 14:23 | g0tmi1k | Description Updated | |
2018-01-29 15:06 | g0tmi1k | Note Added: 0008436 | |
2018-02-21 09:35 | g0tmi1k | Product Version | 2016.1 => |
2019-12-09 13:30 | g0tmi1k | Severity | minor => feature |
2020-02-11 16:08 | g0tmi1k | Note Added: 0012240 | |
2020-02-11 16:09 | g0tmi1k | Status | new => closed |
2020-02-11 16:09 | g0tmi1k | Resolution | open => won't fix |