MongoDB Ops Manager Login Panel - Detect

What is the "MongoDB Ops Manager Login Panel - Detect?" module?

The "MongoDB Ops Manager Login Panel - Detect" module is designed to detect the presence of the MongoDB Ops Manager login panel. MongoDB Ops Manager is a software that provides a graphical user interface for managing MongoDB deployments. This module focuses on identifying the login panel specifically.

This module has an informative severity level, which means it provides valuable information but does not indicate a vulnerability or misconfiguration.

Author: dhiyaneshDK

Impact

This module does not have a direct impact on the security of the MongoDB Ops Manager. It simply detects the presence of the login panel, providing information about its existence.

How does the module work?

The module works by sending an HTTP GET request to the "/account/login" path of the target. It then applies two matching conditions to determine if the MongoDB Ops Manager login panel is present:

- The response body must contain the phrase "MongoDB Ops Manager</title>" - The response status code must be 200 (OK)

If both conditions are met, the module considers the MongoDB Ops Manager login panel to be detected.

Example HTTP request:

GET /account/login

Matching conditions:

- Response body contains the phrase "MongoDB Ops Manager</title>" - Response status code is 200