Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "MongoDB Exporter - Detect" module is designed to detect the presence of the MongoDB exporter software. This module focuses on identifying misconfigurations, vulnerabilities, or specific software fingerprints related to MongoDB. The severity of this module is classified as medium.
This module was authored by pussycat0x.
The impact of the "MongoDB Exporter - Detect" module depends on the specific findings it detects. It can help identify potential security risks, misconfigurations, or vulnerabilities in MongoDB deployments. By detecting these issues, appropriate actions can be taken to mitigate potential threats and ensure the security of the MongoDB environment.
The "MongoDB Exporter - Detect" module operates by sending HTTP requests and evaluating the responses against predefined matching conditions. It checks for specific patterns in the response body and verifies the HTTP status code to determine if the MongoDB exporter is present.
Here is an example of an HTTP request used by the module:
GET /metrics
The module applies the following matching conditions:
- The response body must contain the phrase "# HELP
"
- The response body must contain either "mongodb
" or "mongodb_exporter_build_info
"
- The HTTP status code must be 200
If all the matching conditions are met, the module identifies the presence of the MongoDB exporter.
For more information, you can refer to the official GitHub repository of the MongoDB exporter.
Metadata:
- Max request: 1 - Verified: true - Shodan query: title:"Mong"