Fix overeager requests update incompatible with python 2.7

docker/Dockerfile → Dockerfile

@@ -4,13 +4,12 @@ RUN echo 'http://dl-cdn.alpinelinux.org/alpine/v3.9/main' >> /etc/apk/repositori
 RUN echo 'http://dl-cdn.alpinelinux.org/alpine/v3.9/community' >> /etc/apk/repositories
 RUN apk update && apk add mongodb git
 
-RUN git clone https://github.com/codingo/NoSQLMap.git /root/NoSqlMap
-
-WORKDIR /root/NoSqlMap
+WORKDIR /work
+COPY . /work
 
 RUN python setup.py install
 
-RUN python -m pip install requests 'certifi<=2020.4.5.1'
+RUN python -m pip install 'requests<2.28' 'certifi<=2020.4.5.1'
 
 COPY entrypoint.sh /tmp/entrypoint.sh
 RUN chmod +x /tmp/entrypoint.sh

README.md

@@ -46,7 +46,7 @@ There are some various other libraries required that a normal Python installatio
 python setup.py install
 ```
 
-Alternatively you can build a Docker image by changing to the docker directory and entering:
+Alternatively you can build a Docker image by entering:
 
 ```
 docker build -t nosqlmap .
@@ -102,4 +102,45 @@ This repo also includes an intentionally vulnerable web application to test NoSQ
 docker-compose build && docker-compose up
 ```
 
-Once that is complete, you should be able to access the vulnerable application by visiting: https://127.0.0.1/index.html
+Once that is complete, you should be able to access the vulnerable application by visiting: https://127.0.0.1:8080/index.html
+
+## Scripting
+
+The cli can also be scripted.  Here's an example script using NoSQLMap to detect the vulnerabilities in vuln_apps:
+
+```
+$ echo  "1. Account Lookup (acct.php)"
+$ docker-compose run --remove-orphans nosqlmap \
+    --attack 2 \
+    --victim host.docker.internal \
+    --webPort 8080 \
+    --uri "/acct.php?acctid=test" \
+    --httpMethod GET \
+    --params 1 \
+    --injectSize 4 \
+    --injectFormat 2 \
+    --doTimeAttack n
+
+$ echo "2. User Data Lookup (userdata.php) - JavaScript Injection"
+$ docker-compose run --remove-orphans nosqlmap \
+    --attack 2 \
+    --victim host.docker.internal \
+    --webPort 8080 \
+    --uri "/userdata.php?usersearch=test" \
+    --httpMethod GET \
+    --params 1 \
+    --injectSize 4 \
+    --injectFormat 2 \
+    --doTimeAttack n
+
+$ echo "3. Order Data Lookup (orderdata.php) - JavaScript Injection"
+$ docker-compose run --remove-orphans nosqlmap \
+    --attack 2 \
+    --victim host.docker.internal \
+    --webPort 8080 \
+    --uri "/orderdata.php?ordersearch=test" \
+    --httpMethod GET \
+    --params 1 \
+    --injectSize 4 \
+    --injectFormat 2 \
+    --doTimeAttack n

entrypoint.sh

@@ -0,0 +1,2 @@
+#!/bin/ash
+python nosqlmap.py "$@"

setup.py

@@ -16,7 +16,7 @@
 
 			install_requires = [ "CouchDB==1.0", "httplib2==0.19.0", "ipcalc==1.1.3",\
 								 "NoSQLMap==0.7", "pbkdf2==1.3", "pymongo==2.7.2",\
-								 "requests==2.32.4"],
+								 "requests<2.28"],
 
 			author = "tcstool",
 			author_email = "codingo@protonmail.com",

vuln_apps/docker-compose.yml

@@ -6,14 +6,14 @@ services:
         links:
             - php
         ports:
-            - "80:80"
+            - "${NOSQLMAP_VULN_APPS_APACHE_PORT:-8080}:80"
         volumes:
             - ./src:/usr/local/apache2/htdocs
     php:
         container_name: php
         build: ./docker/php
         ports:
-            - "9000:9000"
+            - "${NOSQLMAP_VULN_APPS_PHP_PORT:-9000}:9000"
         volumes:
             - ./src:/usr/local/apache2/htdocs
         working_dir: /usr/local/apache2/htdocs
@@ -24,4 +24,4 @@ services:
             MONGO_INITDB_ROOT_PASSWORD: prisma
         build: ./docker/mongo
         ports:
-            - "27017:27017"
+            - "${NOSQLMAP_VULN_APPS_MONGO_PORT:-27017}:27017"

vuln_apps/src/userdata.php

@@ -11,7 +11,7 @@
 			$conn = new MongoClient('mongodb://127.0.0.1');
 			$db = $conn->appUserData;
 				$collection = $db->users;
-				$search = $_GET['usersearch'];
+				$usersearch = $_GET['usersearch'];
 				$js = "function () { var query = '". $usersearch . "'; return this.username == query;}";
 				print $js;
 				print '<br/>';
@@ -45,4 +45,4 @@
 			<?php echo $result; ?>
 		</div>
 	</body>
-</html>
+</html>