# Mongod

{% file src="<https://4124809220-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FlcxVqdgOGpkobti7mzML%2Fuploads%2FRnLtVfSdzuFR1DEYSds4%2FMongod_Write_Up.pdf?alt=media&token=b1763372-1c74-4463-b6cc-2e4f9682e3e8>" %}

**Task 1: How many TCP ports are open on the machine?**

* A quick nmap scan shows 2 TCP ports open

**Task 2: Which service is running on port 27017 of the remote host?**

* Run a quick nmap scan:

```
nmap -sV -p 27017 [IP]
```

* Version --> MongoDB 3.6.8

**Task 3: What type of database is MongoDB? (Choose: SQL or NoSQL)**

* A quick Google search shows it is a NoSQL database

**Task 4: What is the command name for the Mongo shell that is installed with the mongodb-clients package?**

* The command name is just "mongo"

**Task 5: What is the command used for listing all the databases present on the MongoDB server? (No need to include a trailing ;)**

* The write up has a section, after connecting to the database, that shows the command: "show dbs"

**Task 6: What is the command used for listing out the collections in a database? (No need to include a trailing ;)**

* In the write up the command is "show collections"

**Task 7: What is the command used for dumping the content of all the documents within the collection named flag in a format that is easy to read?**

* Looking in the write up shows the command is "db.flag.find().pretty()"

**Submit the Flag:**

* Start by installing mongodb to your hackbox.
* Follow the steps in the write up to do this.
* Once you have it installed, access the database with:

```
./mongo mongodb://10.129.70.122:27017
```

* Next show what databases are available with "show dbs":
  * ![](https://4124809220-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FlcxVqdgOGpkobti7mzML%2Fuploads%2FsEZDOFacdXUhRy1PvMzj%2Fimage.png?alt=media\&token=fa9d3797-cd4d-41e0-801f-bad355a78154)
* Switch to "sensitive\_information" with the "use" command:
  * ![](https://4124809220-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FlcxVqdgOGpkobti7mzML%2Fuploads%2FTYLFuBJlLe4eV07BXy1r%2Fimage.png?alt=media\&token=c49011b2-90cd-45e4-ae48-6886d18a0ba0)
* Next is to show the collections in this database:
  * ![](https://4124809220-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FlcxVqdgOGpkobti7mzML%2Fuploads%2FY2UnO02tJjyGG5sTyZxP%2Fimage.png?alt=media\&token=a6c13cc6-5a16-4398-9b0f-7949ce3c9cf6)
* To open the flag, dump the "flag" collection with "db.flag.find().pretty()":
  * ![](https://4124809220-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FlcxVqdgOGpkobti7mzML%2Fuploads%2F8nhwfaZ7Sdab2gyXLrMi%2Fimage.png?alt=media\&token=4b0e6fd4-7e86-4057-8cd8-0f0d789e7240)
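
The session above connects with a URI that carries no credentials and still lists databases and reads a collection. As an added example (not part of the original write up and not MongoDB's own tooling), this Python check flags the two mongod.conf settings that permit that: access control left off and `net.bindIp` covering a non-loopback address. The sample config is constructed, and the small flattener only handles the indented key/value subset of YAML these files use.

```python
import ipaddress

# Constructed sample config, not taken from the target machine.
SAMPLE_CONF = """\
# mongod.conf (constructed sample)
net:
  port: 27017
  bindIp: 0.0.0.0
"""

def flatten(conf_text):
    """Flatten indented 'key: value' YAML into dotted keys, e.g. 'net.bindIp'."""
    settings, stack = {}, []          # stack holds (indent, key) of open sections
    for raw in conf_text.splitlines():
        line = raw.split("#", 1)[0].rstrip()
        if not line.strip() or ":" not in line:
            continue
        indent = len(line) - len(line.lstrip())
        key, _, value = line.strip().partition(":")
        while stack and stack[-1][0] >= indent:
            stack.pop()               # leave sections at the same or deeper indent
        if value.strip():
            path = ".".join([k for _, k in stack] + [key.strip()])
            settings[path] = value.strip().strip("\"'")
        else:
            stack.append((indent, key.strip()))
    return settings

def audit(conf_text):
    """Return a list of findings; an empty list means both checks passed."""
    s, findings = flatten(conf_text), []
    # A keyFile also turns on access control, so it counts as enabled.
    if s.get("security.authorization") != "enabled" and "security.keyFile" not in s:
        findings.append("access control is off: clients need no credentials")
    addrs = [a.strip() for a in s.get("net.bindIp", "127.0.0.1").split(",")]
    if s.get("net.bindIpAll", "false") == "true":
        addrs.append("0.0.0.0")
    for a in addrs:
        try:
            loopback = ipaddress.ip_address(a).is_loopback
        except ValueError:            # hostname or unix socket path
            loopback = a == "localhost" or a.startswith("/")
        if not loopback:
            findings.append(f"net.bindIp includes non-loopback address {a}")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_CONF):
        print("[!]", finding)
```

A hostname other than localhost in `net.bindIp` is reported as non-loopback, since the check does not resolve names.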
