NoSQL Databases

NoSQL, or rather NoAuthentication, has been a huge gift to the hacker community [1]. Just when I was worried that they'd finally patched all of the authentication bypass bugs in MySQL [2][3][4][5], new databases came into style that lack authentication by design. Nmap found a few in Hacking Team's internal network:

    27017/tcp open  mongodb  MongoDB 2.6.5
    | mongodb-databases:
    |   ok = 1
    |   totalSizeMb = 47547
    |   totalSize = 49856643072
    ...
    |_  version = 2.6.5

    27017/tcp open  mongodb  MongoDB 2.6.5
    | mongodb-databases:
    |   ok = 1
    |   totalSizeMb = 31987
    |   totalSize = 33540800512
    |   databases
    ...
    |_  version = 2.6.5

They were the databases for test instances of RCS. The audio that RCS records is stored in MongoDB with GridFS. The audio folder in the torrent [6] came from this. They were spying on themselves without meaning to.
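
For anyone auditing their own network, scan output like the above can be checked mechanically. This is an added example, not part of the original write-up: it parses Nmap's normal output and reports MongoDB ports where the mongodb-databases script got a listing back (ok = 1). The function name and the sample scan are constructed, and it assumes the scan was run without credentials.

```python
import re

# Constructed sample of nmap normal output (-sV --script mongodb-databases);
# addresses are from the documentation range, sizes are made up.
SAMPLE = """\
Nmap scan report for 192.0.2.10
PORT      STATE SERVICE VERSION
27017/tcp open  mongodb MongoDB 2.6.5
| mongodb-databases:
|   ok = 1
|   totalSizeMb = 120
|   totalSize = 125829120
|_  version = 2.6.5

Nmap scan report for 192.0.2.11
PORT      STATE SERVICE VERSION
27017/tcp open  mongodb MongoDB 2.6.5

Nmap scan report for 192.0.2.12
PORT      STATE SERVICE VERSION
3306/tcp  open  mysql   MySQL 5.5.40
"""

HOST = re.compile(r"^Nmap scan report for (\S+)")
PORT = re.compile(r"^(\d+)/tcp\s+open\s+mongodb\b")
FIELD = re.compile(r"^\|_?\s+(\w+) = (.+)$")

def open_mongo_listings(scan_text):
    """Return MongoDB ports whose database listing succeeded (ok = 1)."""
    findings, host, current, in_script = [], None, None, False
    for line in scan_text.splitlines():
        if m := HOST.match(line):
            host, current, in_script = m.group(1), None, False
        elif m := PORT.match(line):
            current = {"host": host, "port": int(m.group(1)), "fields": {}}
            in_script = False
        elif line.startswith("| mongodb-databases:"):
            in_script = current is not None
        elif in_script and (m := FIELD.match(line)):
            current["fields"].setdefault(m.group(1), m.group(2).strip())
            if line.startswith("|_"):          # last line of the script block
                in_script = False
        elif not line.startswith("|"):         # any non-script line ends the port
            current, in_script = None, False
        if current and current["fields"].get("ok") == "1" and current not in findings:
            findings.append(current)
    return findings
```

Each finding is a server that should either have authentication turned on or be unreachable from the network that was scanned.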

[1] https://www.shodan.io/search?query=product%3Amongodb
[2] https://community.rapid7.com/community/metasploit/blog/2012/06/11/cve-2012-2122-a-tragically-comedic-security-flaw-in-mysql
[3] http://archives.neohapsis.com/archives/vulnwatch/2004-q3/0001.html
[4] http://downloads.securityfocus.com/vulnerabilities/exploits/hoagie_mysql.c
[5] http://archives.neohapsis.com/archives/bugtraq/2000-02/0053.html
[6] https://ht.transparencytoolkit.org/audio/