def attack(args):
platform = args.platform
victim = args.victim
webPort = args.webPort
dbPort = args.dbPort
myIP = args.myIP
myPort = args.myPort
uri = args.uri
https = args.https
verb = args.verb
httpMethod = args.httpMethod
requestHeaders = build_request_headers(args.requestHeaders)
postData = build_post_data(args.postData)
if args.attack == 1:
if platform == "MongoDB":
nsmmongo.netAttacks(victim, dbPort, myIP, myPort, args)
elif platform == "CouchDB":
nsmcouch.netAttacks(victim, dbPort, myIP, args)
elif args.attack == 2:
if httpMethod == "GET":
nsmweb.getApps(webPort, victim, uri, https, verb, requestHeaders,
args)
elif httpMethod == "POST":
nsmweb.postApps(victim, webPort, uri, https, verb, postData,
requestHeaders, args)
elif args.attack == 3:
scanResult = nsmscan.massScan(platform)
if scanResult != None:
optionSet[0] = True
victim = scanResult[1]
def attack(args):
platform = args.platform
victim = args.victim
webPort = args.webPort
dbPort = args.dbPort
myIP = args.myIP
myPort = args.myPort
uri = args.uri
https = args.https
verb = args.verb
httpMethod = args.httpMethod
requestHeaders = build_request_headers(args.requestHeaders)
postData = build_post_data(args.postData)
if args.attack == 1:
if platform == "MongoDB":
nsmmongo.netAttacks(victim, dbPort, myIP, myPort, args)
elif platform == "CouchDB":
nsmcouch.netAttacks(victim, dbPort, myIP, args)
elif args.attack == 2:
if httpMethod == "GET":
nsmweb.getApps(webPort,victim,uri,https,verb,requestHeaders, args)
elif httpMethod == "POST":
nsmweb.postApps(victim,webPort,uri,https,verb,postData,requestHeaders, args)
elif args.attack == 3:
scanResult = nsmscan.massScan(platform)
if scanResult != None:
optionSet[0] = True
victim = scanResult[1]
if platform == "MongoDB":
nsmmongo.netAttacks(victim, dbPort, myIP, myPort)
elif platform == "CouchDB":
nsmcouch.netAttacks(victim, dbPort, myIP)
# Check minimum required options
else:
raw_input("Target not set! Check options. Press enter to continue...")
elif select == "3":
# Check minimum required options
if (optionSet[0] == True) and (optionSet[2] == True):
if httpMethod == "GET":
nsmweb.getApps(webPort,victim,uri,https,verb,requestHeaders)
elif httpMethod == "POST":
nsmweb.postApps(victim,webPort,uri,https,verb,postData,requestHeaders)
else:
raw_input("Options not set! Check host and URI path. Press enter to continue...")
elif select == "4":
scanResult = nsmscan.massScan(platform)
if scanResult != None:
optionSet[0] = True
victim = scanResult[1]
def mainMenu():
global platform
global victim
global dbPort
global myIP
global webPort
global uri
global httpMethod
global https
global verb
global requestHeaders
global postData
mmSelect = True
while mmSelect:
os.system('clear')
print " _ _ ___ ___ _ __ __ "
print "| \| |___/ __|/ _ \| | | \/ |__ _ _ __ "
print "| .` / _ \__ \ (_) | |__| |\/| / _` | '_ \\"
print("|_|\_\___/___/\__\_\____|_| |_\__,_| .__/")
print(" v0.7 [email protected] |_| ")
print "\n"
print "1-Set options"
print "2-NoSQL DB Access Attacks"
print "3-NoSQL Web App attacks"
print "4-Scan for Anonymous " + platform + " Access"
print "5-Change Platform (Current: " + platform + ")"
print "x-Exit"
select = raw_input("Select an option: ")
if select == "1":
options()
elif select == "2":
if optionSet[0] == True and optionSet[4] == True:
if platform == "MongoDB":
nsmmongo.netAttacks(victim, dbPort, myIP, myPort)
elif platform == "CouchDB":
nsmcouch.netAttacks(victim, dbPort, myIP)
# Check minimum required options
else:
raw_input(
"Target not set! Check options. Press enter to continue..."
)
elif select == "3":
# Check minimum required options
if (optionSet[0] == True) and (optionSet[2] == True):
if httpMethod == "GET":
nsmweb.getApps(webPort, victim, uri, https, verb,
requestHeaders)
elif httpMethod == "POST":
nsmweb.postApps(victim, webPort, uri, https, verb,
postData, requestHeaders)
else:
raw_input(
"Options not set! Check host and URI path. Press enter to continue..."
)
elif select == "4":
scanResult = nsmscan.massScan(platform)
if scanResult != None:
optionSet[0] = True
victim = scanResult[1]
elif select == "5":
platSel()
elif select == "x":
sys.exit()
else:
raw_input("Invalid selection. Press enter to continue.")
def mainMenu():
global platform
global victim
global dbPort
global myIP
global webPort
global uri
global httpMethod
global https
global verb
global requestHeaders
global postData
mmSelect = True
while mmSelect:
os.system('clear')
print " _ _ ___ ___ _ __ __ "
print "| \| |___/ __|/ _ \| | | \/ |__ _ _ __ "
print "| .` / _ \__ \ (_) | |__| |\/| / _` | '_ \\"
print("|_|\_\___/___/\__\_\____|_| |_\__,_| .__/")
print(" v0.7 [email protected] |_| ")
print "\n"
print "1-Set options"
print "2-NoSQL DB Access Attacks"
print "3-NoSQL Web App attacks"
print "4-Scan for Anonymous " + platform + " Access"
print "5-Change Platform (Current: " + platform + ")"
print "x-Exit"
select = raw_input("Select an option: ")
if select == "1":
options()
elif select == "2":
if optionSet[0] == True and optionSet[4] == True:
if platform == "MongoDB":
nsmmongo.netAttacks(victim, dbPort, myIP, myPort)
elif platform == "CouchDB":
nsmcouch.netAttacks(victim, dbPort, myIP)
# Check minimum required options
else:
raw_input("Target not set! Check options. Press enter to continue...")
elif select == "3":
# Check minimum required options
if (optionSet[0] == True) and (optionSet[2] == True):
if httpMethod == "GET":
nsmweb.getApps(webPort,victim,uri,https,verb,requestHeaders)
elif httpMethod == "POST":
nsmweb.postApps(victim,webPort,uri,https,verb,postData,requestHeaders)
else:
raw_input("Options not set! Check host and URI path. Press enter to continue...")
elif select == "4":
scanResult = nsmscan.massScan(platform)
if scanResult != None:
optionSet[0] = True
victim = scanResult[1]
elif select == "5":
platSel()
elif select == "x":
sys.exit()
else:
raw_input("Invalid selection. Press enter to continue.")
