RockMongo 1.1.8 - Cross-Site Scripting

By kannthu

High
Vidoc Module
#rockmongo #xss #packetstorm
Description


What is "RockMongo 1.1.8 - Cross-Site Scripting"?

The "RockMongo 1.1.8 - Cross-Site Scripting" module is designed to detect a cross-site scripting vulnerability in RockMongo 1.1.8. RockMongo is a web-based MongoDB administration tool that allows users to manage their MongoDB databases through a graphical interface. This module focuses on identifying and reporting instances where attackers can inject arbitrary JavaScript into the application's response, potentially leading to unauthorized access or data manipulation.

This vulnerability is classified as CWE-79 and has a CVSS score of 7.2, indicating a high severity level. The module was authored by pikpikcu.

Impact

A successful exploitation of the cross-site scripting vulnerability in RockMongo 1.1.8 can have various impacts, including:

- Execution of arbitrary JavaScript code in the context of the victim's browser
- Potential theft of sensitive information, such as login credentials or session cookies
- Manipulation of website content or functionality
- Possible escalation of attacks, such as phishing or malware distribution

How does the module work?

The "RockMongo 1.1.8 - Cross-Site Scripting" module works by sending HTTP requests to the target application and analyzing the responses for specific patterns. It follows a set of matching conditions to identify instances of the cross-site scripting vulnerability. One example of an HTTP request used by the module is:

POST /index.php?action=login.index HTTP/1.1
Host: [target_host]
Content-Type: application/x-www-form-urlencoded

[request_body]

The module then applies the following matching conditions:

- Checks if the response body contains the string "<script>alert(document.domain)</script>"
- Verifies that the response status code is 200
- Ensures that the response header contains the string "Content-Type: text/html"

If all the matching conditions are met, the module reports the presence of the cross-site scripting vulnerability.
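
The three conditions can be evaluated independently to see which one rules out a given response. The following is an added example, not Vidoc's or the module author's code: the Response class, the sample responses and the case-sensitive substring matching are assumptions made for illustration.

```python
from dataclasses import dataclass

# Marker string and the three conditions come from the module description above.
MARKER = "<script>alert(document.domain)</script>"
HEADER_WORD = "Content-Type: text/html"

@dataclass
class Response:          # hypothetical container, not a Vidoc type
    status: int
    headers: dict
    body: str

def evaluate(resp: Response) -> dict:
    """Evaluate each condition separately, then AND them as the module does."""
    # Assumption: word matchers are plain case-sensitive substring checks.
    header_text = "\n".join(f"{k}: {v}" for k, v in resp.headers.items())
    result = {
        "body_word": MARKER in resp.body,
        "status_200": resp.status == 200,
        "header_word": HEADER_WORD in header_text,
    }
    result["report"] = all(result.values())
    return result

HTML = {"Content-Type": "text/html; charset=UTF-8"}
# Constructed sample responses; none were captured from a real RockMongo instance.
SAMPLES = {
    "reflected_raw": Response(200, HTML, f'<input value="">{MARKER}">'),
    "reflected_encoded": Response(
        200, HTML, '<input value="&lt;script&gt;alert(document.domain)&lt;/script&gt;">'),
    "json_echo": Response(
        200, {"Content-Type": "application/json"}, f'{{"error": "{MARKER}"}}'),
    "error_page": Response(404, HTML, f"<p>Not found: {MARKER}</p>"),
}

def run_samples() -> dict:
    """Map each sample name to whether the module would report it."""
    return {name: evaluate(resp)["report"] for name, resp in SAMPLES.items()}

if __name__ == "__main__":
    for name, resp in SAMPLES.items():
        print(name, evaluate(resp))
```

Only the response that reflects the marker unencoded in a 200 text/html page is reported. A response that HTML-encodes the reflected value fails the body condition, which is the behaviour a fixed application would show on a rescan.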

Module preview

Concurrent Requests (1)

1. HTTP Request template
POST /index.php?action=lo...

Headers
Content-Type: application/x-www-fo...

Matching conditions
word: "><script>alert(document.domain)</script... and
status: 200 and
word: Content-Type: text/html

Passive global matcher
No matching conditions.

On match action
Report vulnerability