4.0 KiB
AWS - DocumentDB Enum
{% hint style="success" %}
Learn & practice AWS Hacking:
HackTricks Training AWS Red Team Expert (ARTE)
Learn & practice GCP Hacking: 
HackTricks Training GCP Red Team Expert (GRTE)
Support HackTricks
- Check the subscription plans!
- Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
- Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.
DocumentDB
Amazon DocumentDB, offering compatibility with MongoDB, is presented as a fast, reliable, and fully managed database service. Designed for simplicity in deployment, operation, and scalability, it allows the seamless migration and operation of MongoDB-compatible databases in the cloud. Users can leverage this service to execute their existing application code and utilize familiar drivers and tools, ensuring a smooth transition and operation akin to working with MongoDB.
Enumeration
aws docdb describe-db-clusters # Get username from "MasterUsername", get also the endpoint from "Endpoint"
aws docdb describe-db-instances #Get hostnames from here
# Parameter groups
aws docdb describe-db-cluster-parameter-groups
aws docdb describe-db-cluster-parameters --db-cluster-parameter-group-name <param_group_name>
# Snapshots
aws docdb describe-db-cluster-snapshots
aws --region us-east-1 --profile ad docdb describe-db-cluster-snapshot-attributes --db-cluster-snapshot-identifier <snap_id>
NoSQL Injection
As DocumentDB is a MongoDB compatible database, you can imagine it's also vulnerable to common NoSQL injection attacks:
{% embed url="https://book.hacktricks.xyz/pentesting-web/nosql-injection" %}
DocumentDB
{% content-ref url="../aws-unauthenticated-enum-access/aws-documentdb-enum.md" %} aws-documentdb-enum.md {% endcontent-ref %}
References
- https://aws.amazon.com/blogs/database/analyze-amazon-documentdb-workloads-with-performance-insights/
{% hint style="success" %}
Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)
Support HackTricks
- Check the subscription plans!
- Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
- Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.