diff options
| author | Christian Cleberg <hello@cleberg.net> | 2025-04-25 17:37:39 -0500 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2025-04-25 22:37:39 +0000 |
| commit | 86db2585623515fe38347811ec4bf46565d2c44b (patch) | |
| tree | a0d9860ea8ffeea4ff08939ffdb41c6c8158dd1c /databases/administrators/mongo | |
| parent | 7ba7b11f85dcca361ba5497d23b33e53f2525b0c (diff) | |
| download | audit-tools-86db2585623515fe38347811ec4bf46565d2c44b.tar.gz audit-tools-86db2585623515fe38347811ec4bf46565d2c44b.tar.bz2 audit-tools-86db2585623515fe38347811ec4bf46565d2c44b.zip | |
MySQL & Postgres Enhancements (#5)
* remove mysql login script and add password script
* move excess mysql password query to new script
* add db admin folders
* add postgres
* add mongo admins script
* Commit from GitHub Actions (Ruff)
* update tests for mysql and postgres
* update tests for mysql and postgres
---------
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
Diffstat (limited to 'databases/administrators/mongo')
| -rw-r--r-- | databases/administrators/mongo/README.org | 104 | ||||
| -rw-r--r-- | databases/administrators/mongo/admins.py | 16 |
2 files changed, 120 insertions, 0 deletions
diff --git a/databases/administrators/mongo/README.org b/databases/administrators/mongo/README.org new file mode 100644 index 0000000..689d37d --- /dev/null +++ b/databases/administrators/mongo/README.org @@ -0,0 +1,104 @@ +#+title: MongoDB Scripts
+
+* =admins.py=
+
+Dependency:
+
+#+begin_src shell
+pip install pymongo
+#+end_src
+
+#+begin_src python
+python ./admins.py
+#+end_src
+
+Example output:
+
+#+begin_src json
+[
+ {
+ "_id": "admin.admin",
+ "user": "admin",
+ "db": "admin",
+ "roles": [
+ {
+ "role": "userAdminAnyDatabase",
+ "db": "admin"
+ },
+ {
+ "role": "readWriteAnyDatabase",
+ "db": "admin"
+ },
+ {
+ "role": "dbAdminAnyDatabase",
+ "db": "admin"
+ },
+ {
+ "role": "clusterAdmin",
+ "db": "admin"
+ }
+ ],
+ "credentials": {
+ "SCRAM-SHA-1": {
+ "iterationCount": 10000,
+ "salt": "abc123",
+ "storedKey": "storedKeyHash",
+ "serverKey": "serverKeyHash"
+ },
+ "SCRAM-SHA-256": {
+ "iterationCount": 15000,
+ "salt": "def456",
+ "storedKey": "storedKeyHash256",
+ "serverKey": "serverKeyHash256"
+ }
+ }
+ },
+ {
+ "_id": "test.user1",
+ "user": "user1",
+ "db": "test",
+ "roles": [
+ {
+ "role": "readWrite",
+ "db": "test"
+ }
+ ],
+ "credentials": {
+ "SCRAM-SHA-1": {
+ "iterationCount": 10000,
+ "salt": "ghi789",
+ "storedKey": "storedKeyHashUser1",
+ "serverKey": "serverKeyHashUser1"
+ }
+ }
+ },
+ {
+ "_id": "test.ldapUser",
+ "user": "ldapUser",
+ "db": "test",
+ "roles": [
+ {
+ "role": "read",
+ "db": "test"
+ }
+ ],
+ "userSource": "ldap"
+ },
+ {
+ "_id": "admin.x509User",
+ "user": "x509User",
+ "db": "$external",
+ "roles": [
+ {
+ "role": "readWrite",
+ "db": "admin"
+ }
+ ],
+ "credentials": {
+ "MONGODB-X509": {
+ "subject": "CN=x509User,OU=OrgUnit,O=Org,L=City,ST=State,C=Country"
+ }
+ }
+ }
+]
+#+end_src
diff --git a/databases/administrators/mongo/admins.py b/databases/administrators/mongo/admins.py new file mode 100644 index 0000000..e844cbc --- /dev/null +++ b/databases/administrators/mongo/admins.py @@ -0,0 +1,16 @@ +from pymongo import MongoClient
+
+# Connect to the MongoDB server
+client = MongoClient("mongodb://localhost:27017/")
+
+# Select the 'admin' database
+db = client.admin
+
+# Query the 'system.users' collection
+users = db.system.users.find(
+ {}, {"user": 1, "db": 1, "roles": 1, "credentials": 1, "userSource": 1}
+)
+
+# Print the results in a pretty format
+for user in users:
+ print(user)
|