27017 - 27018 mongoDB
https://book.hacktricks.xyz/network-services-pentesting/27017-27018-mongodb.
Description
27017 - The default port for mongod and mongos instances. You can change this port with port or --port.27018 - The default port for mongod when running with --shardsvr command-line option or the shardsvr value for the clusterRole setting in a configuration file. MongoDB is an open source database management system (DBMS) that uses a document-oriented database model which supports various forms of data.
To connect to a MongoDB
By default mongo does not require password. Admin is a common mongo database default admin user.
mongo $ip
mongo <HOST>:<PORT>
mongo <HOST>:<PORT>/<DB>
mongo <database> -u <username> -p '<password>'
Some MongoDB commands
# Enter in mongodb application
mongo
# See help
help
# Display databases
show dbs
# Select a database
use <db>
# Display collections in a database
show collections
# Dump a collection
db.<collection>.find()
# Return the number of records of the collection
db.<collection>.count()
# Find in current db the username admin
db.current.find({"username":"admin"})
# We can dump the contents of the documents present in the flag collection by using the db.collection.find() command. Let's replace the collection name flag in the command and also use pretty() in order to receive the output in a beautified format.