Sunday, August 23, 2015

HOWTO : NoSQLMap on Ubuntu 14.04 LTS

NoSQLMap is an open source Python tool designed to audit for as well as automate injection attacks and exploit default configuration weaknesses in NoSQL databases as well as web applications using NoSQL in order to disclose data from the database.

It is named as a tribute to Bernardo Damele and Miroslav's Stampar's popular SQL injection tool sqlmap, and its concepts are based on and extensions of Ming Chow's excellent presentation at Defcon 21, "Abusing NoSQL Databases". Presently the tool's exploits are focused around MongoDB, but additional support for other NoSQL based platforms such as CouchDB, Redis, and Cassandra are planned in future releases.


Install

sudo apt-get install git python-setuptools

cd ~
mkdir arsenal
cd arsenal
git clone https://github.com/tcstool/nosqlmap.git
cd nosqlmap
sudo python setup.py install
python nosqlmap.py



Update/Upgrade

sudo apt-get update
sudo apt-get dist-upgrade

cd ~/arsenal/nosqlmap
git pull origin master
python setup.py install --force



Reference

GitHub
Videos

See also : Metasploit Framework


That's all! See you.