When I used mongodb-brute script to check if MongoDB services have any authentication problerm, I found that if the MongoDB service run as default port 27017, this script could run and found "No authentication needed". but when MongoDB service run as other port, like 27018, this script didn't run and couldn't find any problerm.
I checked the script, and found on line 37,
portrule = shortport.port_or_service({27017}, {"mongodb"})
in script code the service name is mongodb, but nmap port check result service name is mongod, so the script didn't run.
After I changed this line to:
portrule = shortport.port_or_service({27017}, {"mongodb","mongod"})
then the script can check MongoDB service run as non-default port.
C:\Users\Shadow>nmap -n -Pn -p 27018 1.1.2.1 --script mongodb-brute
Starting Nmap 7.70 ( https://nmap.org ) at 2019-04-20 21:30 ?D1ú±ê×?ê±??
Nmap scan report for 1.1.2.1
Host is up (0.00s latency).
PORT STATE SERVICE
27018/tcp open mongod
|_mongodb-brute: No authentication needed
Nmap done: 1 IP address (1 host up) scanned in 7.89 seconds
Maybe the same problem also on other scripts like mongodb-info and mongodb-databases.
When I used mongodb-brute script to check if MongoDB services have any authentication problerm, I found that if the MongoDB service run as default port 27017, this script could run and found "No authentication needed". but when MongoDB service run as other port, like 27018, this script didn't run and couldn't find any problerm.
I checked the script, and found on line 37,
portrule = shortport.port_or_service({27017}, {"mongodb"})in script code the service name is
mongodb, but nmap port check result service name ismongod, so the script didn't run.After I changed this line to:
portrule = shortport.port_or_service({27017}, {"mongodb","mongod"})then the script can check MongoDB service run as non-default port.
Maybe the same problem also on other scripts like
mongodb-infoandmongodb-databases.