MongoDB - Unauthenticated Access

ID: mongodb-unauth

Severity: high

Author: pdteam

Tags: network,mongodb,unauth,misconfig,tcp

Description

MongoDB was able to be accessed with no password. Note that MongoDB does not require a password by default.

YAML Source

id: mongodb-unauth

info:
  name: MongoDB - Unauthenticated Access
  author: pdteam
  severity: high
  description: MongoDB was able to be accessed with no password. Note that MongoDB does not require a password by default.
  remediation: Enable Authentication in MongoDB
  reference:
    - https://github.com/orleven/Tentacle
    - https://book.hacktricks.xyz/pentesting/27017-27018-mongodb
    - https://www.mongodb.com/features/mongodb-authentication
  metadata:
    max-request: 1
  tags: network,mongodb,unauth,misconfig,tcp
tcp:
  - inputs:
      - data: 480000000200000000000000d40700000000000061646d696e2e24636d6400000000000100000021000000026765744c6f670010000000737461727475705761726e696e67730000
        type: hex

    host:
      - "{{Hostname}}"
    port: 27017

    read-size: 2048
    matchers:
      - type: word
        words:
          - "totalLinesWritten"
# digest: 4a0a0047304502203439ddcf3672de48e1892d2693772e32af50daa6a601ba85385ce957d1162b09022100c15becbb15dcac7a0b4613cc2a3e9f8534b1ca88bef841cd5ca919b4389e4c3a:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

$ nuclei -u "URL" -t "network/misconfig/mongodb-unauth.yaml"

View on Github