CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!
CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!
Path: blob/master/documentation/modules/auxiliary/scanner/couchdb/couchdb_login.md
Views: 1904
Vulnerable Application
Apache CouchDB is a nosql database server which communicates over HTTP. This module will enumerate the server and databases hosted on it.
Docker setup
docker run -p 5984:5984 --env COUCHDB_USER=admin --env COUCHDB_PASSWORD=password apache/couchdb:3.3.1
After running this command you will see the server is returning errors, to resolve this we must run some cURL commands.In another window, after startup, run the following three cURL commands:
After running these commands you should get the following response when accessing http://localhost:5984/.
Ubuntu 16.04 Setup
The following was done on Ubuntu 16.04, and is largely based on 1and1.com:
sudo apt install software-properties-common
sudo add-apt-repository ppa:couchdb/stable
sudo apt update
sudo apt install couchdb
Reconfigure couchdb to listen to all interfaces. Edit
/etc/couchdb/local.ini
. Under[httpd]
add the following line:bind_address = 0.0.0.0
Restart the service:
sudo service couchdb restart
Create an admin user
curl -X PUT http://127.0.0.1:5984/_config/admins/anna -d '"secret"'
Verification Steps
Install and configure couchdb
Start msfconsole
Do:
auxiliary/scanner/couchdb/couchdb_login
Do:
run
Scenarios
A run against the configuration from these docs