1.7 KiB
AWS - DocumentDB Enum
{{#include ../../../banners/hacktricks-training.md}}
DocumentDB
Amazon DocumentDB, offering compatibility with MongoDB, is presented as a fast, reliable, and fully managed database service. Designed for simplicity in deployment, operation, and scalability, it allows the seamless migration and operation of MongoDB-compatible databases in the cloud. Users can leverage this service to execute their existing application code and utilize familiar drivers and tools, ensuring a smooth transition and operation akin to working with MongoDB.
Enumeration
aws docdb describe-db-clusters # Get username from "MasterUsername", get also the endpoint from "Endpoint"
aws docdb describe-db-instances #Get hostnames from here
# Parameter groups
aws docdb describe-db-cluster-parameter-groups
aws docdb describe-db-cluster-parameters --db-cluster-parameter-group-name <param_group_name>
# Snapshots
aws docdb describe-db-cluster-snapshots
aws --region us-east-1 --profile ad docdb describe-db-cluster-snapshot-attributes --db-cluster-snapshot-identifier <snap_id>
NoSQL Injection
As DocumentDB is a MongoDB compatible database, you can imagine it's also vulnerable to common NoSQL injection attacks:
{{#ref}} https://book.hacktricks.wiki/en/pentesting-web/nosql-injection.html {{#endref}}
DocumentDB
{{#ref}} ../aws-unauthenticated-enum-access/aws-documentdb-enum.md {{#endref}}
References
- https://aws.amazon.com/blogs/database/analyze-amazon-documentdb-workloads-with-performance-insights/
{{#include ../../../banners/hacktricks-training.md}}