This suite consists of two different scripts, made to automate attacks against NoSQL databases.

Overview

NoSQL-Attack-Suite

This suite consists of two different scripts, made to automate attacks against NoSQL databases. The first one looks for a NoSQL Auth Bypass in login forms, while the other one can be used to dump credentials from the database if a NoSQL Auth Bypass is possible. These scripts have been tested on Mango and NodeBlog machines from HackTheBox (HTB). Thanks to @IppSec and @an0nlk for giving me ideas about these scripts.

nosql-login-bypass.py

Description

This script checks for GET,POST and JSON encoded POST requests to find a possible NoSQL Auth Bypass. For every type of request it injects a "template" invalid credential and an Auth Bypass Payload. Then it compares both status code and body of the responses to find discrepancies.

Usage

usage: ./nosql-login-bypass.py [-h] [-t T] [-u U] [-p P] [-o O]
optional arguments:
  -h, --help  show this help message and exit
  -t T        Target URL
  -u U        Username parameter
  -p P        Password parameter
  -o O        Other parameters, separated by comma

Example

./nosql-login-bypass.py -t http://staging-order.mango.htb -u username -p password -o "login=login"

The result will express if the login's form is vulnerable to the attack, and in particular for which type of request.

nosql-login-enum.py

Description

This script dumps credentials from the database, character by character. To make this script work, you need to specify the vulnerable request, the response's code and a string from the response's body of an Auth Bypass correctly done.

Usage

usage: ./nosql-login-enum.py [-h] [-t T] [-u U] [-p P] [-o O] [-m M] [-c C] [-s S] [--json]
optional arguments:
  -h, --help  show this help message and exit
  -t T        Target URL
  -u U        Username parameter
  -p P        Password parameter
  -o O        Other parameters, separated by comma
  -m M        Mode: GET or POST
  -c C        Response's code for correct injection
  -s S        Response's string for correct injection
  --json      Json encoded POST request

Example

./nosql-login-enum.py -t http://10.10.11.139/login -u user -p password -m POST -c 200 -s "UHC" --json

This will dump usernames and passwords from the database.

Notes

If there is any problem, feel free to send your pull requests :)

You might also like...
Cairo-integer-types - A library for bitwise integer types (e.g. int64 or uint32) in Cairo, with a test suite

The Cairo bitwise integer library (cairo-bitwise-int v0.1.1) The Cairo smart tes

Shell scripts made simple 🐚

zxpy Shell scripts made simple 🐚 Inspired by Google's zx, but made much simpler and more accessible using Python. Rationale Bash is cool, and it's ex

Cool little Python scripts & projects I've made.

Little Python Projects A repository for neat little Python scripts I've made! How to run a script: *NOTE: You'll need to install Python v3 or higher.

Check COVID locations of interest against Google location history
Check COVID locations of interest against Google location history

Location of Interest Checker Script to compare COVID locations of interest to Google location history. The script produces a map plot (as shown below)

Dot Browser is a privacy-conscious web browser with smarts built-in for protection against trackers and advertisments online.
Dot Browser is a privacy-conscious web browser with smarts built-in for protection against trackers and advertisments online.

🌍 Take back your privacy with Dot Browser, the privacy-conscious web browser that protects you from being tracked and monitored online.

Cirq is a Python library for writing, manipulating, and optimizing quantum circuits and running them against quantum computers and simulators
Cirq is a Python library for writing, manipulating, and optimizing quantum circuits and running them against quantum computers and simulators

Cirq is a Python library for writing, manipulating, and optimizing quantum circuits and running them against quantum computers and simulators. Install

A calculator to test numbers against the collatz conjecture

The Collatz Calculator This is an algorithm custom built by Kyle Dickey, used to test numbers against the simple rules of the Collatz Conjecture.

Annotates sequences with Eggnog-mapper and hhblits against PDB70

Annotating "hypothetical" proteins with the PDB See config/ for configuration information. This workflow takes as input a set of protein sequences. It

Arcpy Tool developed for ArcMap 10.x that checks DVOF points against TDS data and creates an output feature class as well as a check database.

DVOF_check_tool Arcpy Tool developed for ArcMap 10.x that checks DVOF points against TDS data and creates an output feature class as well as a check d

Owner
Road to eCPPT
null
A compilation of useful scripts to automate common tasks

Scripts-To-Automate-This A compilation of useful scripts for common tasks Name What it does Type Add file extensions Adds ".png" to a list of file nam

null 0 Nov 5, 2021
A set of scripts for a two-step procedure to measure the value of access to destinations across several modes of travel within a geographic area.

A set of scripts for a two-step procedure to measure the value of access to destinations across several modes of travel within a geographic area.

Institute for Transportation and Development Policy 2 Oct 16, 2022
A chain of stores wants a 3-month demand forecast for its 10 different stores and 50 different products.

Demand Forecasting Objective A chain store wants a machine learning project for a 3-month demand forecast for 10 different stores and 50 different pro

null 2 Jan 6, 2022
python scripts - mostly automation scripts

python python scripts - mostly automation scripts You can set your environment in various ways bash #!/bin/bash python - locally on remote host #!/bi

Enyi 1 Jan 5, 2022
A passive recon suite designed for fetching the information about web application

FREAK Suite designed for passive recon Usage: python3 setup.py python3 freak.py warning This tool will throw error if you doesn't provide valid api ke

toxic v3nom 7 Feb 17, 2022
Suite of tools for retrieving USGS NWIS observations and evaluating National Water Model (NWM) data.

Documentation OWPHydroTools GitHub pages documentation Motivation We developed OWPHydroTools with data scientists in mind. We attempted to ensure the

null 36 Dec 11, 2022
Introduction to Databases Coursework 2 (SQL) - dataset generator

Introduction to Databases Coursework 2 (SQL) - dataset generator This is python script generates a text file with insert queries for the schema.sql fi

Javier Bosch 1 Nov 8, 2021
A simple flashcard app built as a final project for a databases class.

CS2300 Final Project - Flashcard app 'FlashStudy' Tech stack Backend Python (Language) Django (Web framework) SQLite (Database) Frontend HTML/CSS/Java

Christopher Spencer 2 Feb 3, 2022
A project to work with databases in 4 worksheets, insert, update, select, delete using Python and MySqI

A project to work with databases in 4 worksheets, insert, update, select, delete using Python and MySqI As a small project for school or college hope it is useful

Sina Org 1 Jan 11, 2022
Pacman - A suite of tools for manipulating debian packages

Overview Repository is a suite of tools for manipulating debian packages. At a h

Pardis Pashakhanloo 1 Feb 24, 2022