27017 - MongoDB

Enumeration

nmap -sV --script "mongo* and default" -p 27017 <IP> #By default all the nmap mongo enumerate scripts are used

Commands

show dbs
use <db>
show collections
db.<collection>.find()  #Dump the collection
db.<collection>.count() #Number of records of the collection
db.current.find({"username":"admin"})  #Find in current db the username admin
db.users.updateOne({username: 'administrator'},{$set: {password: '8737729a3ada8674940065008dd87d9bc110221bf02b1048beab6078349e792c'}}) #Update a record (Dibble.oscp PG machine)
   > { "acknowledged" : true, "matchedCount" : 1, "modifiedCount" : 1 } #Result of the last command

Previous5432 - Postgres NextWeb Application Attacks

Last updated 1 year ago