def attack(args): platform = args.platform victim = args.victim webPort = args.webPort dbPort = args.dbPort myIP = args.myIP myPort = args.myPort uri = args.uri https = args.https verb = args.verb httpMethod = args.httpMethod requestHeaders = build_request_headers(args.requestHeaders) postData = build_post_data(args.postData) if args.attack == 1: if platform == "MongoDB": nsmmongo.netAttacks(victim, dbPort, myIP, myPort, args) elif platform == "CouchDB": nsmcouch.netAttacks(victim, dbPort, myIP, args) elif args.attack == 2: if httpMethod == "GET": nsmweb.getApps(webPort, victim, uri, https, verb, requestHeaders, args) elif httpMethod == "POST": nsmweb.postApps(victim, webPort, uri, https, verb, postData, requestHeaders, args) elif args.attack == 3: scanResult = nsmscan.massScan(platform) if scanResult != None: optionSet[0] = True victim = scanResult[1]
def attack(args): platform = args.platform victim = args.victim webPort = args.webPort dbPort = args.dbPort myIP = args.myIP myPort = args.myPort uri = args.uri https = args.https verb = args.verb httpMethod = args.httpMethod requestHeaders = build_request_headers(args.requestHeaders) postData = build_post_data(args.postData) if args.attack == 1: if platform == "MongoDB": nsmmongo.netAttacks(victim, dbPort, myIP, myPort, args) elif platform == "CouchDB": nsmcouch.netAttacks(victim, dbPort, myIP, args) elif args.attack == 2: if httpMethod == "GET": nsmweb.getApps(webPort,victim,uri,https,verb,requestHeaders, args) elif httpMethod == "POST": nsmweb.postApps(victim,webPort,uri,https,verb,postData,requestHeaders, args) elif args.attack == 3: scanResult = nsmscan.massScan(platform) if scanResult != None: optionSet[0] = True victim = scanResult[1]
elif select == "3": # Check minimum required options if (optionSet[0] == True) and (optionSet[2] == True): if httpMethod == "GET": nsmweb.getApps(webPort,victim,uri,https,verb,requestHeaders) elif httpMethod == "POST": nsmweb.postApps(victim,webPort,uri,https,verb,postData,requestHeaders) else: raw_input("Options not set! Check host and URI path. Press enter to continue...") elif select == "4": scanResult = nsmscan.massScan(platform) if scanResult != None: optionSet[0] = True victim = scanResult[1] elif select == "5": platSel() elif select == "x": sys.exit() else: raw_input("Invalid selection. Press enter to continue.")
def mainMenu(): global platform global victim global dbPort global myIP global webPort global uri global httpMethod global https global verb global requestHeaders global postData mmSelect = True while mmSelect: os.system('clear') print " _ _ ___ ___ _ __ __ " print "| \| |___/ __|/ _ \| | | \/ |__ _ _ __ " print "| .` / _ \__ \ (_) | |__| |\/| / _` | '_ \\" print("|_|\_\___/___/\__\_\____|_| |_\__,_| .__/") print(" v0.7 [email protected] |_| ") print "\n" print "1-Set options" print "2-NoSQL DB Access Attacks" print "3-NoSQL Web App attacks" print "4-Scan for Anonymous " + platform + " Access" print "5-Change Platform (Current: " + platform + ")" print "x-Exit" select = raw_input("Select an option: ") if select == "1": options() elif select == "2": if optionSet[0] == True and optionSet[4] == True: if platform == "MongoDB": nsmmongo.netAttacks(victim, dbPort, myIP, myPort) elif platform == "CouchDB": nsmcouch.netAttacks(victim, dbPort, myIP) # Check minimum required options else: raw_input( "Target not set! Check options. Press enter to continue..." ) elif select == "3": # Check minimum required options if (optionSet[0] == True) and (optionSet[2] == True): if httpMethod == "GET": nsmweb.getApps(webPort, victim, uri, https, verb, requestHeaders) elif httpMethod == "POST": nsmweb.postApps(victim, webPort, uri, https, verb, postData, requestHeaders) else: raw_input( "Options not set! Check host and URI path. Press enter to continue..." ) elif select == "4": scanResult = nsmscan.massScan(platform) if scanResult != None: optionSet[0] = True victim = scanResult[1] elif select == "5": platSel() elif select == "x": sys.exit() else: raw_input("Invalid selection. Press enter to continue.")
def mainMenu(): global platform global victim global dbPort global myIP global webPort global uri global httpMethod global https global verb global requestHeaders global postData mmSelect = True while mmSelect: os.system('clear') print " _ _ ___ ___ _ __ __ " print "| \| |___/ __|/ _ \| | | \/ |__ _ _ __ " print "| .` / _ \__ \ (_) | |__| |\/| / _` | '_ \\" print("|_|\_\___/___/\__\_\____|_| |_\__,_| .__/") print(" v0.7 [email protected] |_| ") print "\n" print "1-Set options" print "2-NoSQL DB Access Attacks" print "3-NoSQL Web App attacks" print "4-Scan for Anonymous " + platform + " Access" print "5-Change Platform (Current: " + platform + ")" print "x-Exit" select = raw_input("Select an option: ") if select == "1": options() elif select == "2": if optionSet[0] == True and optionSet[4] == True: if platform == "MongoDB": nsmmongo.netAttacks(victim, dbPort, myIP, myPort) elif platform == "CouchDB": nsmcouch.netAttacks(victim, dbPort, myIP) # Check minimum required options else: raw_input("Target not set! Check options. Press enter to continue...") elif select == "3": # Check minimum required options if (optionSet[0] == True) and (optionSet[2] == True): if httpMethod == "GET": nsmweb.getApps(webPort,victim,uri,https,verb,requestHeaders) elif httpMethod == "POST": nsmweb.postApps(victim,webPort,uri,https,verb,postData,requestHeaders) else: raw_input("Options not set! Check host and URI path. Press enter to continue...") elif select == "4": scanResult = nsmscan.massScan(platform) if scanResult != None: optionSet[0] = True victim = scanResult[1] elif select == "5": platSel() elif select == "x": sys.exit() else: raw_input("Invalid selection. Press enter to continue.")