MongoDB Information - Detect

ID: mongodb-info-enum

Severity: info

Author: pussycat0x

Tags: network,mongodb,enum,tcp

Description

MongoDB build and server information was detected.

YAML Source

id: mongodb-info-enum

info:
  name: MongoDB Information - Detect
  author: pussycat0x
  severity: info
  description: |
    MongoDB build and server information was detected.
  reference:
    - https://nmap.org/nsedoc/scripts/mongodb-info.html
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
    cwe-id: CWE-200
  metadata:
    verified: true
    max-request: 1
    shodan-query: mongodb server information
  tags: network,mongodb,enum,tcp
tcp:
  - inputs:
      - data: 3b0000003c300000ffffffffd40700000000000061646d696e2e24636d640000000000ffffffff14000000106275696c64696e666f000100000000
        type: hex

    host:
      - "{{Hostname}}"
    port: 27017
    read-size: 2048

    matchers:
      - type: word
        part: raw
        words:
          - "version"
          - "maxBsonObjectSize"
        condition: and

    extractors:
      - type: regex
        regex:
          - "([A-Za-z:0-9.]+)"
# digest: 4a0a00473045022100ba1b2169690a6a1e68fa5f5da6318e8e2d48023e6fba69372a41007ad81ae4bc02201e8b62354dbdc1c133ac494c039c8585518dd0decedfe168a968ca3d7baa0957:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

$ nuclei -u "URL" -t "network/enumeration/mongodb-info-enum.yaml"

View on Github