Hipsters and data

A while back I spent some time playing with the “modern” database implementations, more affectionately known as hipster tech. These are mostly your so-called NoSQL, big-data, etc. databases. Trying to interact with these databases required numerous scripts to be written, one for each database implementation. After chatting to @PaulWebSec I decided to merge these into a single tool. Thus HippyDB Tool was born.

The following databases are supported:

  • Aerospike
  • Cassandra
  • Hbase
  • Hive
  • Memcached
  • Mongodb
  • Redis
  • Riak

A quick scan of AWS and Google Cloud hosting showed that the vast majority of these databases are deployed on default ports, listening on all interfaces and, most critically, without any authentication. Furthermore, Shodan reports around 59k MongoDB instances on the default port of 27017 and, again, all the data is available for all to view.

Having a tool to easily interact with these deployments highlights just how much data is available and what damage this could cause. Numerous instances of user creds, personal information and even credit-card numbers can be found.
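To check your own deployment for the three conditions named above (default port, listening on all interfaces, no authentication), here is an added example that is not part of HippyDB or the original post. It audits a redis.conf-style file; the function names, finding labels and sample configs are constructed for illustration, and it assumes password auth via `requirepass` only (ACL users are not considered).

```javascript
// Added example: audit a redis.conf-style file for the exposure conditions
// described above. Finding labels and sample configs are constructed.
const DEFAULT_PORT = 6379;
const WILDCARDS = new Set(['0.0.0.0', '::', '*']);

// Parse "directive arg1 arg2" lines, skipping comments and blank lines.
function parseConf(text) {
  const conf = new Map();
  for (const raw of text.split(/\r?\n/)) {
    const line = raw.trim();
    if (!line || line.startsWith('#')) continue;
    const [key, ...args] = line.split(/\s+/);
    // Strip surrounding quotes from each argument.
    conf.set(key.toLowerCase(), args.map(a => a.replace(/^["']|["']$/g, '')));
  }
  return conf;
}

function auditRedisConf(text) {
  const conf = parseConf(text);
  const findings = [];
  const bind = conf.get('bind');
  // With no bind directive Redis listens on every interface; a leading "-"
  // on an address only means "ignore if unavailable", so strip it.
  if (!bind || bind.some(a => WILDCARDS.has(a.replace(/^-/, '')))) {
    findings.push('listens-on-all-interfaces');
  }
  const port = Number((conf.get('port') || [DEFAULT_PORT])[0]);
  if (port === DEFAULT_PORT) findings.push('default-port');
  const pass = (conf.get('requirepass') || [''])[0];
  if (!pass) findings.push('no-authentication');
  // protected-mode defaults to "yes" when the directive is absent.
  if ((conf.get('protected-mode') || ['yes'])[0].toLowerCase() === 'no') {
    findings.push('protected-mode-disabled');
  }
  return findings;
}

// Constructed sample configs: one exposed, one hardened.
const exposed = 'port 6379\nbind 0.0.0.0\nprotected-mode no\n';
const hardened =
  '# constructed\nbind 127.0.0.1 -::1\nport 6380\nrequirepass "long-random-secret"\n';
console.log(auditRedisConf(exposed));
console.log(auditRedisConf(hardened));
```
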

The tool is written in NodeJS as it just felt right to write in a “hipster” language. To use HippyDB, simply fork the GitHub project, install the requirements and you should be good to go.

$ git clone git@github.com:staaldraad/hippydb.git
$ cd hippydb
$ npm install
$ nodejs hippydb.js 

Interaction is pretty straightforward, with a menu-driven interface. help will give you all the available commands and the tool even includes tab-completion! A sample session against a Riak instance may look as follows:

$ nodejs hippydb.js
[*] Hippy Database interaction tool.
[*] Author: etienne@sensepost.com

[*] Type help to get started
> set host 10.10.10.1
[*] host=10.10.10.1
> riak help
[*] Riak dumper -- Help
Commands: 
> riak status                       //Check if we can connect to the database
> riak buckets                      //list all buckets on the host
> riak keys  <bucket>               //list all keys in a bucket
> riak dumpk <bucket> <key>         //dump value of key
> riak dump  <bucket>               //show 'limit' number of values in a bucket

> riak status
[*] Connected! Node is [riak@bbdev1.10.10.10.1]
> riak buckets
[*] Found [10] Buckets
private_storage
privacy
offline_msg
passwd
roster
...<snip>...

> riak keys passwd
[*] Found [70] keys
x123545@10.10.10.1
...<snip>...

> exit
Cheerio old-chap

Happy hipster hunting and please fork and contribute!