mongod" - "List all commands" condition: and - type: status status: - 200 # digest: 4a0a004730450221008fe15b8f67398c3d37ad238f27498ac2e8c59e4a3e919cdb65ec15d078ab58da02207bb1fb40632fdbe0809a030f18072ad0f10b4774a13b7f443a817037fb4ca50d:922c64590222798bb761d5b6d8e72950

id: mongod-exposure

info:
  name: MongoD Server - Exposure
  author: DhiyaneshDk
  severity: low
  metadata:
    verified: true
    max-request: 1
    shodan-query: html:"mongod"
  tags: mongod,exposure,info-leak

http:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - "<title>mongod"
          - "List all commands"
        condition: and

      - type: status
        status:
          - 200
# digest: 4a0a004730450221008fe15b8f67398c3d37ad238f27498ac2e8c59e4a3e919cdb65ec15d078ab58da02207bb1fb40632fdbe0809a030f18072ad0f10b4774a13b7f443a817037fb4ca50d:922c64590222798bb761d5b6d8e72950