HEX
Server: nginx/1.22.1
System: Linux iZuf67d4hh2ssx30nkok6dZ 3.10.0-1160.119.1.el7.x86_64 #1 SMP Tue Jun 4 14:43:51 UTC 2024 x86_64
User: www (1000)
PHP: 7.4.33
Disabled: passthru,exec,system,putenv,chroot,chgrp,chown,shell_exec,popen,proc_open,pcntl_exec,ini_alter,ini_restore,dl,openlog,syslog,readlink,symlink,popepassthru,pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,imap_open,apache_setenv
$ pwd: /usr/share/nmap/scripts/
Upload Files
File: //usr/share/nmap/scripts/mongodb-databases.nse
local creds = require "creds"
local nmap = require "nmap"
local shortport = require "shortport"
local stdnse = require "stdnse"

local mongodb = stdnse.silent_require "mongodb"

description = [[
Attempts to get a list of tables from a MongoDB database.
]]

---
-- @usage
-- nmap -p 27017 --script mongodb-databases <host>
-- @output
-- PORT      STATE SERVICE REASON
-- 27017/tcp open  unknown syn-ack
-- | mongodb-databases:  
-- |   ok = 1
-- |   databases
-- |     1
-- |       empty = false
-- |       sizeOnDisk = 83886080
-- |       name = test
-- |     0
-- |       empty = false
-- |       sizeOnDisk = 83886080
-- |       name = httpstorage
-- |     3
-- |       empty = true
-- |       sizeOnDisk = 1
-- |       name = local
-- |     2
-- |       empty = true
-- |       sizeOnDisk = 1
-- |       name = admin
-- |_  totalSize = 167772160

-- version 0.2
-- Created 01/12/2010 - v0.1 - created by Martin Holst Swende <martin@swende.se>
-- Revised 01/03/2012 - v0.2 - added authentication support <patrik@cqure.net>

author = "Martin Holst Swende"
license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
categories = {"default", "discovery", "safe"}

dependencies = {"mongodb-brute"}


portrule = shortport.port_or_service({27017}, {"mongodb"})

function action(host,port)

	local socket = nmap.new_socket()
	
	-- set a reasonable timeout value
	socket:set_timeout(10000)
	-- do some exception  / cleanup
	local catch = function()
		socket:close()
	end
	
	local try = nmap.new_try(catch)

	try( socket:connect(host, port) )
	
	-- uglyness to allow creds.mongodb to work, as the port is not recognized
	-- as mongodb, unless a service scan was run
	local ps = port.service
	port.service = 'mongodb'
	local c = creds.Credentials:new(creds.ALL_DATA, host, port)
	for cred in c:getCredentials(creds.State.VALID + creds.State.PARAM) do
		local status, err = mongodb.login(socket, "admin", cred.user, cred.pass)
		if ( not(status) ) then
			return err
		end
	end
	port.service = ps
	
	local req, result, packet, err, status
	--Build packet
	status, packet = mongodb.listDbQuery()
	if not status then return result end-- Error message
	
	--- Send packet
	status, result = mongodb.query(socket, packet)
	if not status then return result end-- Error message
	
	port.version.name ='mongodb'
	port.version.product='MongoDB'
	nmap.set_port_version(host,port)

	local output = mongodb.queryResultToTable(result)
	if err ~= nil then 
		stdnse.log_error(err) 
	end
	if result ~= nil then
		return stdnse.format_output(true, output )
	end
end
@ Telegram