When I used the mongodb-brute script to check whether MongoDB services have any authentication problem, I found that if the MongoDB service runs on the default port 27017, the script could run and found "No authentication needed". But when the MongoDB service runs on another port, like 27018, the script didn't run and couldn't find any problem.
I checked the script and found, on line 37: portrule = shortport.port_or_service({27017}, {"mongodb"})
In the script code the service name is mongodb, but the service name in the nmap port check result is mongod, so the script didn't run.
After I changed this line to: portrule = shortport.port_or_service({27017}, {"mongodb","mongod"})
the script can check a MongoDB service running on a non-default port.
C:\Users\Shadow>nmap -n -Pn -p 27018 1.1.2.1 --script mongodb-brute
Starting Nmap 7.70 ( https://nmap.org ) at 2019-04-20 21:30 ?D1ú±ê×?ê±??
Nmap scan report for 1.1.2.1
Host is up (0.00s latency).
PORT STATE SERVICE
27018/tcp open mongod
|_mongodb-brute: No authentication needed
Nmap done: 1 IP address (1 host up) scanned in 7.89 seconds
Maybe the same problem also exists in other scripts like mongodb-info and mongodb-databases.
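Added example, not part of the original issue and not Nmap's own code: a small Python check that reads NSE script sources and reports which of the service names mongodb and mongod a shortport.port_or_service rule fails to list, so the other mongodb-* scripts can be checked the same way. The function names and the optional scripts-directory argument are assumptions of this example; the two sample lines are the ones quoted in the issue.

```python
import re
import sys
from pathlib import Path

# Matches: portrule = shortport.port_or_service(<ports>, <services> ...
PORTRULE = re.compile(
    r'portrule\s*=\s*shortport\.port_or_service\s*\(\s*'
    r'(\{[^}]*\}|\d+)\s*,\s*(\{[^}]*\}|["\'][^"\']*["\'])'
)

def service_names(nse_source):
    """Return the set of service names in the script's port_or_service rule,
    or None if the script uses some other kind of portrule."""
    m = PORTRULE.search(nse_source)
    if not m:
        return None
    return set(re.findall(r'["\']([^"\']+)["\']', m.group(2)))

def missing_names(nse_source, wanted=("mongodb", "mongod")):
    """Service names from `wanted` that the rule does not list."""
    names = service_names(nse_source)
    if names is None:
        return None
    return sorted(set(wanted) - names)

def audit_dir(script_dir, pattern="mongodb-*.nse"):
    """Map script file name -> missing names for every matching script."""
    return {p.name: missing_names(p.read_text(errors="replace"))
            for p in sorted(Path(script_dir).glob(pattern))}

# Sample input: the two portrule lines quoted in the issue.
ORIGINAL = 'portrule = shortport.port_or_service({27017}, {"mongodb"})'
PATCHED = 'portrule = shortport.port_or_service({27017}, {"mongodb","mongod"})'

if __name__ == "__main__":
    print("original:", missing_names(ORIGINAL))
    print("patched: ", missing_names(PATCHED))
    if len(sys.argv) > 1:  # optional: path to the local Nmap scripts directory
        for name, missing in audit_dir(sys.argv[1]).items():
            print(name, "->", missing)
```

A result of None means the script does not use a port_or_service rule of this form and has to be read by hand.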