Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

CouchDB Admin Default - Detect

By kannthu

High
Vidoc logoVidoc Module
#couchdb
Description

What is the "CouchDB Admin Default - Detect" module?

The "CouchDB Admin Default - Detect" module is designed to detect misconfigurations in CouchDB, a NoSQL database management system. This module focuses on identifying vulnerabilities related to requests made in the context of an admin user. The severity of this vulnerability is classified as high.

This module was authored by organiccrap.

Impact

If the CouchDB Admin Default - Detect module identifies a misconfiguration, it indicates that the CouchDB instance is susceptible to unauthorized access or potential security breaches. This could lead to unauthorized data access, modification, or deletion.

How does the module work?

The CouchDB Admin Default - Detect module utilizes HTTP request templates and matching conditions to identify misconfigurations. It sends a GET request to the "/_users/_all_docs" endpoint, without any specific headers. The module then applies two matching conditions:

- The first condition checks the response header for the presence of "CouchDB/" and "Erlang OTP/" keywords, indicating the use of CouchDB and Erlang OTP. - The second condition examines the response body for the presence of "total_rows" and "offset" keywords, which are expected in a valid response.

If both conditions are met, the module reports a potential vulnerability.

For example, the module's HTTP request template:

GET /_users/_all_docs

Matching conditions:

Header: Contains "CouchDB/" and "Erlang OTP/"
Body: Contains "total_rows" and "offset"

When these conditions are satisfied, the module identifies a potential misconfiguration in the CouchDB instance.

For more information, refer to the CouchDB Security Documentation.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/_users/_all_docs
Matching conditions
word: CouchDB/, Erlang OTP/and
word: total_rows, offset
Passive global matcher
No matching conditions.
On match action
Report vulnerability