Unauthenticated-Access

HTB STARTING POINT · Tier 0

Mongod

MongoDB 3.6.8 without bind authentication exposes a sensitive_information database; the real lesson is why auth-on-by-default matters.…

April 27, 2026 · 5 min · crAIzy
MongoDB No-Auth

HTB STARTING POINT · Tier 0

Redeemer

Unauthenticated Redis on port 6379 leaks a flag key directly; includes a bonus RCE path via rogue-server module load for the curious.…

April 27, 2026 · 6 min · crAIzy
Redis