Menu
In the docs (link) it says "Specify 0 to disable localhost authentication bypass. Enabled by default" for enableLocalhostAuthBypass. But when I start mongod with --auth:
mongod --port 30xxx --dbpath=/home/dev/xxxx --auth
And then connect via localhost:
mongo --host localhost --port 30xxx myDb
And then try to do anything:
> show collections
Wed Aug 7 11:07:50.420 JavaScript execution failed: error: {
"$err" : "not authorized for query on configuration.system.namespaces",
"code" : 16550
Bzzt, no go. I can connect with -u -p and run show collections though.
From the docs it really sounds like connecting via localhost will bypass auth by default. However that's not what I'm seeing. Are the docs unclear? Am I reading it wrong?
976
To authenticate as a user, you must provide a username, password, and the authentication database associated with that user. To authenticate using the mongo shell, either: Connect first to the MongoDB or mongos instance. Run the authenticate command or the db.
Connect and authenticate as the user administrator. Using the mongo shell, you can: Connect with authentication by passing in user credentials, or. Connect first without authentication, and then issue the db. auth() method to authenticate.
Bypassing Authentication: 1 After we confirm that the site is vulnerable to SQL injection, the next step is to type the appropriate payload... 2 Enter the below-mentioned command in the vulnerable field and this will result in a successful Authentication Bypass. More ...
Of course, for security reasons, the client will always need to ask again for the password whenever the hostname of the server changes. The AuthBasicProvider is, in this case, optional, since file is the default value for this directive.
Configuring user authentication using authselect authselect is a utility that allows you to configure system identity and authentication sources by selecting a specific profile. Profile is a set of files that describes how the resulting Pluggable Authentication Modules (PAM) and Network Security Services (NSS) configuration will look like.
Just insert the command in the password or vulnerable field and then click login then the authentication would be bypassed. As we can see, we finally cracked the login portal and logged in successfully. Note: Sometimes, some websites block –+, in such cases use #. Both do the same work.
enableLocalhostAuthBypass is used for the case when you have no user defined at all but with auth enabled on MongoDB and you don't want to be able to connect at all. It is not meant to turn off authentication for localhost altogether.
As soon as you have a user defined, then enabledLocalhostAuthBypass will do nothing and you have to authenticate first.
It is described in the documentation at: http://docs.mongodb.org/manual/tutorial/add-user-administrator/#authenticate-with-full-administrative-access-via-localhost
77
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
