Mirrors/hacktricks
2
0
Fork 0
mirror of https://github.com/carlospolop/hacktricks synced 2025-02-16 14:08:26 +00:00
Code Issues Projects Releases Packages Wiki Activity

GitBook: [master] 2 pages modified

Browse source
This commit is contained in:
CPol 2020-07-16 19:40:43 +00:00 committed by gitbook-bot
parent 56bbc46026
commit fec670d1b2
No known key found for this signature in database
GPG key ID: 07D2180C7B12D0FF
2 changed files with 12 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
SUMMARY.md
View file

@ -224,7 +224,7 @@
* [5432,5433 - Pentesting Postgresql](pentesting/pentesting-postgresql.md) * [5432,5433 - Pentesting Postgresql](pentesting/pentesting-postgresql.md)
* [5671,5672 - Pentesting AMQP](pentesting/5671-5672-pentesting-amqp.md) * [5671,5672 - Pentesting AMQP](pentesting/5671-5672-pentesting-amqp.md)
* [5800,5801,5900,5901 - Pentesting VNC](pentesting/pentesting-vnc.md) * [5800,5801,5900,5901 - Pentesting VNC](pentesting/pentesting-vnc.md)
* [5984 - Pentesting CouchDB](pentesting/5984-pentesting-couchdb.md) * [5984,6984 - Pentesting CouchDB](pentesting/5984-pentesting-couchdb.md)
* [5985,5986 - Pentesting WinRM](pentesting/5985-5986-pentesting-winrm.md) * [5985,5986 - Pentesting WinRM](pentesting/5985-5986-pentesting-winrm.md)
* [6000 - Pentesting X11](pentesting/6000-pentesting-x11.md) * [6000 - Pentesting X11](pentesting/6000-pentesting-x11.md)
* [6379 - Pentesting Redis](pentesting/6379-pentesting-redis.md) * [6379 - Pentesting Redis](pentesting/6379-pentesting-redis.md)

14
pentesting/5984-pentesting-couchdb.md
View file

@ -1,4 +1,4 @@
# 5984 - Pentesting CouchDB # 5984,6984 - Pentesting CouchDB
## **Basic Information** ## **Basic Information**
@ -6,7 +6,7 @@ CouchDB is a document-oriented database and within each document fields are stor
Each document that is stored in the database is given a document-level unique identifier \(`_id`\) as well as a revision \(`_rev`\) number for each change that is made and saved to the database. Each document that is stored in the database is given a document-level unique identifier \(`_id`\) as well as a revision \(`_rev`\) number for each change that is made and saved to the database.
**Default port:** 5984 **Default port:** 5984\(http\), 6984\(https\)
```text ```text
PORT STATE SERVICE REASON PORT STATE SERVICE REASON
@ -35,6 +35,10 @@ This issues a GET request to installed CouchDB instance. The reply should look s
{"couchdb":"Welcome","version":"2.0.0","vendor":{"name":"The Apache Software Foundation"}} {"couchdb":"Welcome","version":"2.0.0","vendor":{"name":"The Apache Software Foundation"}}
``` ```
{% hint style="info" %}
Note that if accessing the root of couchdb you receive a `401 Unauthorized` with something like this: `{"error":"unauthorized","reason":"Authentication required."}` **you won't be able to access** the banner or any other endpoint.
{% endhint %}
### Info Enumeration ### Info Enumeration
These are the endpoints where you can access with a **GET** request and extract some interesting info. You can find [**more endpoints and more detailed descriptions in the couchdb documentation**](https://docs.couchdb.org/en/latest/api/index.html). These are the endpoints where you can access with a **GET** request and extract some interesting info. You can find [**more endpoints and more detailed descriptions in the couchdb documentation**](https://docs.couchdb.org/en/latest/api/index.html).
@ -89,6 +93,8 @@ curl http://localhost:5984/simpsons
### **Document List** ### **Document List**
List each entry inside a database
```bash ```bash
curl -X GET http://IP:5984/{dbname}/_all_docs curl -X GET http://IP:5984/{dbname}/_all_docs
curl http://localhost:5984/simpsons/_all_docs curl http://localhost:5984/simpsons/_all_docs
@ -104,7 +110,9 @@ curl http://localhost:5984/simpsons/_all_docs
]} ]}
``` ```
#### **Read Value Document** ### **Read Document**
Read the content of a document inside a database:
```bash ```bash
curl -X GET http://IP:5984/{dbname}/{id} curl -X GET http://IP:5984/{dbname}/{id}