NoSQLMap is an automated Python tool for auditing and exploiting injection vulnerabilities and default configuration weaknesses in NoSQL databases and web applications.
Automated NoSQL database enumeration and web application exploitation tool.
Security professionals and penetration testers use NoSQLMap to identify and exploit security flaws in NoSQL databases such as MongoDB and CouchDB, including disclosing or cloning the data they hold. It is particularly useful for testing web applications that rely on NoSQL backends, to verify that their database configuration and query handling are secure.
The tool currently supports only HTTP GET requests; POST support is under development. Users should ensure they have appropriate permissions before testing targets. Running the setup.sh script as root is recommended for dependency installation. The tool requires a local MongoDB instance for cloning databases and requires the Metasploit Framework for some of its advanced exploitation features.
Run the setup.sh script as root on Debian or Red Hat systems to install dependencies
Install Python dependencies including PyMongo, httplib2, and urllib
Ensure the Metasploit Framework is installed if you intend to use the exploitation features
Install a local MongoDB instance for cloning databases
Run 'python setup.py install' to install NoSQLMap
Alternatively, build the Docker image by changing into the docker directory and running 'docker build -t nosqlmap .'
Or use Docker Compose: 'docker-compose build' to build the image and 'docker-compose run nosqlmap' to run the tool
python NoSQLMap
Starts NoSQLMap and presents the main menu for interactive use
1-Set options
Configure the target host/IP, web application port, URI path, HTTP method, local MongoDB IP, shell listener port, and load or save the option set
2-NoSQL DB Access Attacks
Launch attacks targeting NoSQL database access vulnerabilities
3-NoSQL Web App attacks
Perform injection and exploitation attacks against web applications using NoSQL databases
4-Scan for Anonymous MongoDB Access
Scan target servers for MongoDB instances that are exposed without authentication and allow anonymous access
8-Load options from saved Burp request
Import an HTTP request saved from Burp Suite to populate the target and request parameters