Detecting MongoDB instances with no authentication enabled
By default, MongoDB does not enforce access control: users and roles must be created and authentication (the authorization setting) enabled before the databases in an instance are protected. Since MongoDB 3.6 the server also binds to localhost only by default, so an instance that is reachable from the network and still accepts unauthenticated connections usually means an administrator opened bindIp without turning authentication on. Exposed MongoDB databases that require no authentication are therefore very common.
This recipe describes how to use Nmap to detect MongoDB instances that accept connections without authentication and to list the databases they hold.
How to do it...
To check whether a MongoDB server accepts connections without credentials, enter the following command:
$ nmap -p27017 --script mongodb-brute <target>
If no authentication is required, the script reports it in the script output section:
PORT      STATE SERVICE
27017/tcp open  mongodb
|_mongodb-brute: No authentication needed
Once that is confirmed, the mongodb-databases script lists the databases on the instance:
$ nmap -p27017 --script mongodb-databases <target>
How it works...
The argument -p27017 --script mongodb-brute tells Nmap to launch the NSE script mongodb-brute if a MongoDB server is found running on port 27017. Before guessing any passwords the script attempts a login with no credentials; when the server accepts it, the script stops and prints "No authentication needed". The mongodb-databases script depends on the same condition: it sends the listDatabases command to the admin database, which only succeeds when the server does not require authentication. By default, MongoDB does not have authentication enabled, so if the administrators have not configured users and roles, every database in the instance is accessible to anyone who can reach the port.
The script...
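The following Python script is an added example, not part of the original recipe and not Nmap's own mongodb-brute or mongodb-databases code. It does by hand what those scripts do: it connects to port 27017, sends listDatabases to the admin database with no credentials, and classifies the reply. It speaks the OP_MSG wire format, so it needs MongoDB 3.6 or later (the NSE scripts use the older OP_QUERY format). The minimal BSON encoder/decoder, the function names and the two sample replies are this example's own; the sample replies are constructed rather than captured from a real server, so the decoder and classifier can be exercised offline. A server that enforces authentication answers listDatabases with ok: 0 and error code 13 (Unauthorized).

```python
import socket
import struct
import sys

OP_MSG = 2013  # opcode of the OP_MSG wire message, available on MongoDB 3.6 and later

def bson_encode(doc):
    """Encode a dict as a BSON document; handles only bool, int32, float, str, dict, list."""
    body = b""
    for key, val in doc.items():
        k = key.encode() + b"\x00"
        if isinstance(val, bool):          # checked before int: bool is a subclass of int
            body += b"\x08" + k + (b"\x01" if val else b"\x00")
        elif isinstance(val, int):
            body += b"\x10" + k + struct.pack("<i", val)
        elif isinstance(val, float):
            body += b"\x01" + k + struct.pack("<d", val)
        elif isinstance(val, str):
            s = val.encode() + b"\x00"
            body += b"\x02" + k + struct.pack("<i", len(s)) + s
        elif isinstance(val, dict):
            body += b"\x03" + k + bson_encode(val)
        elif isinstance(val, list):        # a BSON array is a document keyed "0", "1", ...
            body += b"\x04" + k + bson_encode({str(i): v for i, v in enumerate(val)})
        else:
            raise TypeError("unsupported value type %r" % type(val))
    return struct.pack("<i", len(body) + 5) + body + b"\x00"   # int32 size + body + NUL

def bson_decode(buf, pos=0):
    """Decode the BSON document starting at buf[pos]; return (dict, offset after it)."""
    end = pos + struct.unpack_from("<i", buf, pos)[0] - 1   # offset of the closing NUL
    pos += 4
    doc = {}
    while pos < end:
        t, nul = buf[pos], buf.index(b"\x00", pos + 1)
        key, pos = buf[pos + 1:nul].decode(), nul + 1
        if t == 0x01:                              # double
            val, pos = struct.unpack_from("<d", buf, pos)[0], pos + 8
        elif t == 0x02:                            # string: int32 length (incl. NUL) + bytes
            n = struct.unpack_from("<i", buf, pos)[0]
            val, pos = buf[pos + 4:pos + 3 + n].decode(), pos + 4 + n
        elif t in (0x03, 0x04):                    # embedded document / array
            val, pos = bson_decode(buf, pos)
            if t == 0x04:
                val = [val[i] for i in sorted(val, key=int)]
        elif t == 0x08:                            # boolean
            val, pos = buf[pos] == 1, pos + 1
        elif t == 0x0A:                            # null
            val = None
        elif t == 0x10:                            # int32
            val, pos = struct.unpack_from("<i", buf, pos)[0], pos + 4
        elif t == 0x12:                            # int64 (sizeOnDisk on some server versions)
            val, pos = struct.unpack_from("<q", buf, pos)[0], pos + 8
        else:
            raise ValueError("unsupported BSON type 0x%02x for key %r" % (t, key))
        doc[key] = val
    return doc, end + 1

def build_op_msg(command, request_id=1):
    """OP_MSG: 16-byte header, flagBits=0, one kind-0 section carrying the command document."""
    body = struct.pack("<I", 0) + b"\x00" + bson_encode(command)
    return struct.pack("<iiii", 16 + len(body), request_id, 0, OP_MSG) + body

def parse_op_msg(data):
    """Return the body document of an OP_MSG (the kind-0 section starts at offset 20)."""
    opcode = struct.unpack_from("<i", data, 12)[0]
    if opcode != OP_MSG or data[20] != 0:
        raise ValueError("not a single-document OP_MSG (opcode %d)" % opcode)
    return bson_decode(data, 21)[0]

def classify_reply(doc):
    """(True, [database names]) when listDatabases succeeded, else (False, error message)."""
    if doc.get("ok") == 1:
        return True, [d["name"] for d in doc.get("databases", [])]
    return False, doc.get("errmsg", "unknown error, code %s" % doc.get("code"))

def check_mongodb_no_auth(host, port=27017, timeout=5.0):
    """Send listDatabases to the admin database with no credentials and classify the reply."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(build_op_msg({"listDatabases": 1, "$db": "admin"}))  # command name first
        f = s.makefile("rb")
        head = f.read(4)                                     # messageLength leads the header
        data = head + f.read(struct.unpack("<i", head)[0] - 4)
    return classify_reply(parse_op_msg(data))

# Constructed sample replies (hypothetical database names, not captured from a real server)
# so the decoder and classifier can be exercised without a target.
SAMPLE_OPEN_REPLY = build_op_msg({
    "databases": [{"name": "admin", "sizeOnDisk": 40960.0, "empty": False},
                  {"name": "customers", "sizeOnDisk": 8192000.0, "empty": False}],
    "totalSize": 8232960.0, "ok": 1.0})
SAMPLE_AUTH_REPLY = build_op_msg({
    "ok": 0.0, "errmsg": "command listDatabases requires authentication",
    "code": 13, "codeName": "Unauthorized"})

if __name__ == "__main__":          # usage: python3 mongo_noauth.py <target>
    target = sys.argv[1] if len(sys.argv) > 1 else None
    print(check_mongodb_no_auth(target) if target else classify_reply(parse_op_msg(SAMPLE_OPEN_REPLY)))
```

The classifier treats any ok: 1 reply as "no authentication needed", which is the same condition the NSE scripts test; an instance that answers with code 13 has authentication enabled, and a connection reset or a timeout usually means a firewall or a pre-3.6 server that does not understand OP_MSG rather than a secured database.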