{"id":1610,"date":"2014-11-20T13:46:32","date_gmt":"2014-11-20T13:46:32","guid":{"rendered":"http:\/\/ixyzero.com\/blog\/?p=1610"},"modified":"2019-06-02T08:45:33","modified_gmt":"2019-06-02T00:45:33","slug":"mongodb%e7%9a%84%e7%9b%b8%e5%85%b3%e5%ae%89%e5%85%a8%e9%97%ae%e9%a2%98","status":"publish","type":"post","link":"https:\/\/ixyzero.com\/blog\/archives\/1610.html","title":{"rendered":"MongoDB\u7684\u76f8\u5173\u5b89\u5168\u95ee\u9898"},"content":{"rendered":"

\u8bb0\u5f97\u53bb\u5e74\u7684\u65f6\u5019\u56e0\u4e3a\u5de5\u4f5c\u9700\u8981\u8c03\u7814\u8fc7\u4e00\u6bb5\u65f6\u95f4\u7684MongoDB\uff0c\u4e0d\u8fc7\u540e\u6765\u56e0\u4e3a\u522b\u7684\u539f\u56e0\u5c31\u6ca1\u6709\u6df1\u5165\uff0c\u8fd9\u6b21\u53c8\u78b0\u5230\u4e86\uff0c\u6240\u4ee5\uff0c\u987a\u4fbf\u4ece\u7f51\u4e0a\u627e\u4e86\u4e00\u4e9b\u6559\u7a0b\uff0c\u4e86\u89e3\u5b83\u7684\u4e00\u4e9b\u76f8\u5173\u5b89\u5168\u95ee\u9898\uff0c\u8bb0\u5f55\u5982\u4e0b\uff1a<\/p>\n

\u5de5\u5177\uff1a<\/h6>\n

\u626b\u63cf https:\/\/github.com\/tcstool\/NoSQLMap<\/a>
\nGUI\u8fde\u63a5 MongoVUE<\/a><\/p>\n

\u6587\u6863\uff1a<\/h6>\n

MongoDB\u5b98\u65b9\u6587\u6863<\/a>
\nMongoDB\u5b89\u5168\u914d\u7f6e<\/a><\/p>\n

\u76f8\u5173\u6848\u4f8b\uff1a<\/h6>\n

http:\/\/www.wooyun.org\/searchbug.php<\/a> #\u641c\u7d22\u201cMongoDB\u201d<\/p>\n

\u626b\u63cf\u811a\u672c\uff1a<\/h6>\n
#!\/usr\/bin\/env python\n# coding=utf-8\nimport pymongo\ndef mongoScan(ip, port):\ntry:\n    conn = pymongo.MongoClient(ip, port, connectTimeoutMS=4000, socketTimeoutMS=4000)\n    try:\n        dbList = conn.database_names()\n        dbVer = conn.server_info()['version']\n        conn.disconnect()\n        print \"Successful access with no credentials!\"\n        return [0, dbVer]\n    except:\n        if str(sys.exc_info()).find('need to login') != -1:\n            conn.disconnect()\n            print \"Login required!\"\n            return [1, None]\n        else:\n            conn.disconnect()\n            print \"Access check failure.\"\n            return [2, None]\n\nexcept:\n    print \"Couldn't connect to Mongo server.\"\n    return [3, None]<\/pre>\n
\u591a\u7ebf\u7a0b\u7248\u672c\uff1a<\/h6>\n
#!\/usr\/bin\/env python\n#-*- coding:utf-8 -*-\n\nimport sys\nimport pymongo\nimport threading\nfrom Queue import Queue\n\ndef conn(addr):\n    try:\n        conn = pymongo.MongoClient(addr, 27017, socketTimeoutMS=3000)\n        dbname = conn.database_names()\n        if dbname:\n            print \"Success IP: %s\" % addr\n            print \"show dbs:\"\n            with open(\"ixyzero.com.txt\", \"a\") as af:\n                af.write(addr+\"n\")\n            for i in dbname:\n                b = \"t%s\" % i\n                print b\n                with open(\"ixyzero.com.txt\", \"a\") as af:\n                    af.write(b+\"n\")\n        conn.close()\n    except:\n        print \"%s connection was failed\" % addr\n\nclass MyThread(threading.Thread):\n    def __init__(self):\n        threading.Thread.__init__(self)\n    def run(self):\n        global queue\n        while not queue.empty():\n            ip = queue.get()\n            conn(ip)\n\nif __name__ == \"__main__\":\n    queue = Queue()\n    a = open(sys.argv[1], 'r')\n    for ip in a.readlines():\n        ip = ip.strip('')\n        queue.put(ip)\n    for i in range(99):\n        c = MyThread()\n        c.start()<\/pre>\n
\u53c2\u8003\u94fe\u63a5<\/strong>\uff1aZMAP\u626b\u63cfmongodb\u914d\u5408\u591a\u7ebf\u7a0b\u9a8c\u8bc1\u811a\u672c<\/a><\/p>\n
\u5b89\u88c5\/\u64cd\u4f5c\u547d\u4ee4\uff1a<\/h6>\n
hi@vm:~$ sudo apt-get install mongodb-clients #\u8fdc\u7a0b\u8fde\u63a5\uff0c\u9700\u8981\u5b89\u88c5MongoDB\u7684\u5ba2\u6237\u7aef\nhi@vm:~$ mongo\nmongo mongodump mongoexport mongofiles mongoimport mongorestore mongostat\nhi@vm:~$ mongo 203.195.150.245\nMongoDB shell version: 2.0.4\nconnecting to: 203.195.150.245\/test\n> show dbs;\n> use db_name;\nswitched to db db_name\n> show collections;\n> db.stats();\n> db.currentOp();\n> db.serverStatus();\n\n> use local;\n> db.stats();\n> db.currentOp();\n> db.serverStatus();\n> db.system.users.find();\n> db.FlightOrder.find().limit(100);\n\n\nhi@vm:~$ mongo\nMongoDB shell version: 2.0.4\nconnecting to: test\nWed Nov 19 14:22:07 Error: couldn't connect to server 127.0.0.1 shell\/mongo.js:84\nexception: connect failed\nhi@vm:~$ sudo apt-get install mongodb #\u672c\u5730\u6d4b\u8bd5\uff0c\u9700\u8981\u5b89\u88c5MongoDB\u670d\u52a1\u7aef\nmongodb mongodb-clients mongodb-dev mongodb-server<\/pre>\n
 <\/p>\n
hi@vm:~$ mongo\nMongoDB shell version: 2.0.4\nconnecting to: test\n> show dbs;\nlocal (empty)\n> use local;\nswitched to db local\n> show collections;\n> help\ndb.help() help on db methods\ndb.mycoll.help() help on collection methods\nrs.help() help on replica set methods\nhelp admin administrative help\nhelp connect connecting to a db help\nhelp keys key shortcuts\nhelp misc misc things to know\nhelp mr mapreduce\n\nshow dbs show database names\nshow collections show collections in current database\nshow users show users in current database\nshow profile show most recent system.profile entries with time >= 1ms\nshow logs show the accessible logger names\nshow log [name] prints out the last segment of log in memory, 'global' is default\nuse <db_name> set current database\ndb.foo.find() list objects in collection foo\ndb.foo.find( { a : 1 } ) list objects in foo where a == 1\nit result of the last line evaluated; use to further iterate\nDBQuery.shellBatchSize = x set default number of items to display on shell\nexit quit the mongo shell\n> db.help();\nDB methods:\ndb.addUser(username, password[, readOnly=false])\ndb.auth(username, password)\ndb.cloneDatabase(fromhost)\ndb.commandHelp(name) returns the help for the command\ndb.copyDatabase(fromdb, todb, fromhost)\ndb.createCollection(name, { size : ..., capped : ..., max : ... } )\ndb.currentOp() displays the current operation in the db\ndb.dropDatabase()\ndb.eval(func, args) run code server-side\ndb.getCollection(cname) same as db['cname'] or db.cname\ndb.getCollectionNames()\ndb.getLastError() - just returns the err msg string\ndb.getLastErrorObj() - return full status object\ndb.getMongo() get the server connection object\ndb.getMongo().setSlaveOk() allow this connection to read from the nonmaster member of a replica pair\ndb.getName()\ndb.getPrevError()\ndb.getProfilingLevel() - deprecated\ndb.getProfilingStatus() - returns if profiling is on and slow threshold\ndb.getReplicationInfo()\ndb.getSiblingDB(name) get the db at the same server as this one\ndb.isMaster() check replica primary status\ndb.killOp(opid) kills the current operation in the db\ndb.listCommands() lists all the db commands\ndb.logout()\ndb.printCollectionStats()\ndb.printReplicationInfo()\ndb.printSlaveReplicationInfo()\ndb.printShardingStatus()\ndb.removeUser(username)\ndb.repairDatabase()\ndb.resetError()\ndb.runCommand(cmdObj) run a database command. if cmdObj is a string, turns it into { cmdObj : 1 }\ndb.serverStatus()\ndb.setProfilingLevel(level,<slowms>) 0=off 1=slow 2=all\ndb.shutdownServer()\ndb.stats()\ndb.version() current version of the server\ndb.getMongo().setSlaveOk() allow queries on a replication slave server\ndb.fsyncLock() flush data to disk and lock server for backups\ndb.fsyncUnock() unlocks server following a db.fsyncLock()\n> help admin\nls([path]) list files\npwd() returns current directory\nlistFiles([path]) returns file list\nhostname() returns name of this host\ncat(fname) returns contents of text file as a string\nremoveFile(f) delete a file or directory\nload(jsfilename) load and execute a .js file\nrun(program[, args...]) spawn a program and wait for its completion\nrunProgram(program[, args...]) same as run(), above\nsleep(m) sleep m milliseconds\ngetMemInfo() diagnostic\n> help connect\n\nNormally one specifies the server on the mongo shell command line. Run mongo --help to see those options.\nAdditional connections may be opened:\n\nvar x = new Mongo('host[:port]');\nvar mydb = x.getDB('mydb');\nor\nvar mydb = connect('host[:port]\/mydb');\n\nNote: the REPL prompt only auto-reports getLastError() for the shell command line connection.\n\n> help keys\nTab completion and command history is available at the command prompt.\n\nSome emacs keystrokes are available too:\nCtrl-A start of line\nCtrl-E end of line\nCtrl-K del to end of line\n\nMulti-line commands\nYou can enter a multi line javascript expression. If parens, braces, etc. are not closed, you will see a new line\nbeginning with '...' characters. Type the rest of your expression. Press Ctrl-C to abort the data entry if you\nget stuck.\n\n> help misc\nb = new BinData(subtype,base64str) create a BSON BinData value\nb.subtype() the BinData subtype (0..255)\nb.length() length of the BinData data in bytes\nb.hex() the data as a hex encoded string\nb.base64() the data as a base 64 encoded string\nb.toString()\n\nb = HexData(subtype,hexstr) create a BSON BinData value from a hex string\nb = UUID(hexstr) create a BSON BinData value of UUID subtype\nb = MD5(hexstr) create a BSON BinData value of MD5 subtype\n\no = new ObjectId() create a new ObjectId\no.getTimestamp() return timestamp derived from first 32 bits of the OID\no.isObjectId()\no.toString()\no.equals(otherid)\n><\/pre>\n
\n
\u4e00\u4e9btips\u5c0f\u7ed3\uff1a<\/p>\n
\u2460\u3000\u5728Web\u9875\u9762\u67e5\u770bMongoDB\u7684\u76f8\u5173\u4fe1\u606f<\/h6>\n
http:\/\/x.x.x.x:27017
\nYou are trying to access MongoDB on the native driver port. For http diagnostic access, add 1000 to the port number
\nhttp:\/\/x.x.x.x:28017<\/p>\n
\u2461\u3000MongoDB\u8fdc\u7a0b\u8fde\u63a5\u914d\u7f6e<\/h6>\n
1.\u6dfb\u52a0\u7ba1\u7406\u5458\u8d26\u53f7<\/p>\n
> use admin\nswitched to db admin\n> db.addUser('tank','test');<\/pre>\n
2.\u914d\u7f6emongodb.conf<\/p>\n
#bind_ip = 127.0.0.1 \/\/\u6ce8\u91ca\u6b64\u884c\nauth = true \/\/\u5c06\u6b64\u884c\u524d\u7684\u6ce8\u91ca\u53bb\u6389<\/pre>\n
3.\u91cd\u542fmongodb<\/p>\n
4.\u9632\u706b\u5899\u5f00\u653e27017\u7aef\u53e3<\/p>\n
iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 27017 -j ACCEPT<\/pre>\n
5.\u8fdc\u7a0b\u8fde\u63a5\u6d4b\u8bd5<\/p>\n
$ mongo x.x.x.x:27017\/db_name -u admin -p\n\u2026\u2026\u8f93\u5165\u5bc6\u7801\u2026\u2026<\/pre>\n
 <\/p>\n
\u989d\u5916\u53c2\u8003\u94fe\u63a5\uff1a<\/h6>\n