Merge pull request #6662 from projectdiscovery/pussycat0x-patch-2

MongoDB Information Enumeration
2023-02-03 12:57:08 +05:30 · 2023-02-03 12:57:08 +05:30 · e969b02604
parent e4e35d3389 23b26ec95b
commit e969b02604
1 changed files with 37 additions and 0 deletions
--- a/network/enumeration/mongodb-info-enum.yaml
+++ b/network/enumeration/mongodb-info-enum.yaml
@ -0,0 +1,37 @@
+id: mongodb-info-enum
+
+info:
+  name: MongoDB Information Enumeration
+  author: pussycat0x
+  severity: info
+  description: |
+    MongoDB is an open source NoSQL database management program. NoSQL is used as an alternative to traditional relational databases.
+  reference:
+    - https://nmap.org/nsedoc/scripts/mongodb-info.html
+  metadata:
+    verified: "true"
+    shodan-query: mongodb server information
+    tags: network,mongodb,enum
+
+network:
+  - inputs:
+      - data: 3b0000003c300000ffffffffd40700000000000061646d696e2e24636d640000000000ffffffff14000000106275696c64696e666f000100000000
+        type: hex
+
+    host:
+      - "{{Hostname}}"
+      - "{{Host}}:27017"
+    read-size: 2048
+
+    matchers:
+      - type: word
+        part: raw
+        words:
+          - "version"
+          - "maxBsonObjectSize"
+        condition: and
+
+    extractors:
+      - type: regex
+        regex:
+          - "([A-Za-z:0-9.]+)"