NoSQLi hangs on boolean based scan on POST request

[moivica]

I've tried nosqli on several different routes where i found injection manually to get familiar with the tool.
I have a target with vulnerable params in request body. When i start nosqli against it - it hangs on boolean based scan .

I've tried using a file (request copied from Burp) and also run command with url and body params: result is same for both cases, so there should be no syntax problems .

Unfortunately, i cant share info about vulnerable app so you can try debug on your side but maybe u can help me with debugging: is there some kind of verbose mode so i can check details?

Also to add - I don't have the same problem on the same target for few other requests where noSQL injection exist - but for every of them GET method is used.

[Charlie-belmer]

Could you try running nosqli through a proxy? It would help to see the request that is hanging, or if it seems to go into some kind of loop for some reason.

[moivica]

Could you try running nosqli through a proxy? It would help to see the request that is hanging, or if it seems to go into some kind of loop for some reason.

Unfortunately, I cant. Mentioned issue is fixed by dev - cant test it now. If something similar happens i'll try with proxy and write needed info here.

[moivica]

I had similar scenario again and i tried using local proxy.
My requests are forwarded properly when I'm using curl or some other http client as you can see on the pic below (http request to localhost was received properly on webhook.site)

But when i try to use nosqli with proxy I cant make it work.

I've tried different scenarios:

• use default port (80) and set proxy value to --proxy 127.0.0.1 : error proxyconnect tcp: dial tcp :0: connect: can't assign requested address appears
• specifying different ports in proxy value, eg. port 3000 - error Proxy not set correctly: parse "127.0.0.1:3000": first path segment in URL cannot contain colon
• using localhost:port syntax - error proxyconnect tcp: dial tcp :0: connect: can't assign requested address happens again...

Not sure what do i need to do to make it work... help appreciated

[Charlie-belmer]

Thank you for looking into it more carefully! The program uses HTTP proxies, so it's looking for a URL (this is probably something I can make less error prone based on your usage here). Here's what I do when using burp:

nosqli scan -p http://localhost:8080 -t <target>

[moivica]

Thank you for your help! Problem was in protocol - http:// prefix was missing.
It works with proxy now.
Now i can get more details if the reported issue happen again.

[moivica]

@Charlie-belmer Issue reproduced:

This time i leaved nosqli to work over weekend and when i came back i got error in console:

context deadline exceeded (Client.Timeout exceeded while awaiting headers)

When checking sent requests we can see that last request sent by nosqli was not properly finished:

I've send the same request today and response was received correctly.
Although server or network glitch was the cause of the error, it would be nice to handle it better so nosqli can finish checks properly when request timeout happens (if possible ofc)