4 box enum mark
# ssh mark:5AYRft73VtFpc84k
mark@node:/home$ cat /etc/passwd | grep sh
root:x:0:0:root:/root:/bin/bash
tom:x:1000:1000:tom,,,:/home/tom:/bin/bash
mark:x:1001:1001:Mark,,,:/home/mark:/bin/bash
mark@node:/home$ ls -la
total 20
drwxr-xr-x 5 root root 4096 Aug 31 2017 .
drwxr-xr-x 25 root root 4096 Sep 2 2017 ..
drwxr-xr-x 2 root root 4096 Aug 31 2017 frank
drwxr-xr-x 3 root root 4096 Sep 3 2017 mark
drwxr-xr-x 6 root root 4096 Sep 3 2017 tom
# no user: frank
mark@node:/var/www/myplace$ cat package.json
{
"name": "myplace",
"description": "A secure place to meet new people.",
"version": "1.0.0",
"private": true,
"dependencies": {
"express": "4.15.x",
"express-session": "1.15.x",
"body-parser": "1.17.x",
"mongodb": "2.2.x"
}
}
$ mongosh --host localhost -u mark -p 5AYRft73VtFpc84k myplace
Current Mongosh Log ID: 614a22df5b8cc6d49ba3bea3
Connecting to: mongodb://localhost:27017/myplace?directConnection=true&serverSelectionTimeoutMS=2000
Using MongoDB: 3.2.16
Using Mongosh: 1.0.6
For mongosh info see: https://docs.mongodb.com/mongodb-shell/
myplace> show dbs
MongoServerError: not authorized on admin to execute command { listDatabases: 1 }
myplace> show collections
users
myplace> db.users.find({})
[
{
_id: ObjectId("59a7365b98aa325cc03ee51c"),
username: 'myP14ceAdm1nAcc0uNT',
password: 'dffc504aa55359b9265cbebe1e4032fe600b64475ae3fd29c07d23223334d0af',
is_admin: true
},
{
_id: ObjectId("59a7368398aa325cc03ee51d"),
username: 'tom',
password: 'f0e2e750791171b0391b682ec35835bd6a5c3f7c8d1d0191451ec77b4d75f240',
is_admin: false
},
{
_id: ObjectId("59a7368e98aa325cc03ee51e"),
username: 'mark',
password: 'de5a1adf4fedcce1533915edc60177547f1057b61b7119fd130e1f7428705f73',
is_admin: false
},
{
_id: ObjectId("59aa9781cced6f1d1490fce9"),
username: 'rastating',
password: '5065db2df0d4ee53562c650c29bacf55b97e231e3fe88570abc9edd8b78ac2f0',
is_admin: false
}
]SiudEnum
PEAS
Last updated