MongoDB credential disclosure
MongoDB credentials file used by RoboMongo
Security Misconfiguration (SM)
How this template works
The template uses API selection filters to restrict the candidate endpoints to those whose response code lies in the 200 to 299 range, and it extracts the URL of each such response into the "urlVar" variable.
The template then sends a single request per candidate, replacing the URL path with each entry of the "urlPaths" word list. These modified URLs are the locations at which the MongoDB credentials file is checked for.
The template validates each response by checking three conditions: the response code is exactly 200, the response payload contains specific keywords related to MongoDB credentials, and the response headers contain the value "application/json". Only when all three conditions hold is the vulnerability reported as present.
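The selection, URL rewriting and validation steps described above, written out as an added Python example (this is illustrative code, not the template itself or the scanner's own implementation). The page does not reproduce the actual "urlPaths" entries or the credential keywords, so the path list and the keyword tuple below are labelled placeholders; the HTTP fetch is injected as a callable and fed constructed responses so the example runs offline and can be adapted for self-auditing an application you operate.

```python
from urllib.parse import urljoin

# Constructed placeholder word list: the real template's "urlPaths" values
# are not on the page, so these stand in for them.
URL_PATHS = ["/PLACEHOLDER_PATH_1", "/PLACEHOLDER_PATH_2"]

# The page only says "specific keywords related to MongoDB credentials";
# which strings are matched, and that any one match suffices, is an assumption.
CREDENTIAL_KEYWORDS = ("mongodb", "password", "credentials")


def select_api(status_code):
    """API selection filter: only 2xx responses become candidates."""
    return 200 <= status_code <= 299


def build_candidate_urls(url_var, paths=URL_PATHS):
    """Rewrite the path of the extracted URL (urlVar) with each word-list entry."""
    return [urljoin(url_var, path) for path in paths]


def validate_response(status_code, headers, body):
    """The template's three validation conditions; all must hold."""
    if status_code != 200:
        return False
    # Header names are case-insensitive, so normalise before comparing.
    content_type = next(
        (value for name, value in headers.items() if name.lower() == "content-type"), ""
    )
    if "application/json" not in content_type.lower():
        return False
    lowered = body.lower()
    return any(keyword in lowered for keyword in CREDENTIAL_KEYWORDS)


def check_host(url_var, fetch, paths=URL_PATHS):
    """Run the check against one extracted URL.

    `fetch(url)` must return a (status_code, headers, body) tuple; injecting it
    keeps the example offline. Returns the list of URLs that passed validation.
    """
    flagged = []
    for url in build_candidate_urls(url_var, paths):
        status_code, headers, body = fetch(url)
        if validate_response(status_code, headers, body):
            flagged.append(url)
    return flagged


# Constructed sample responses standing in for a live server.
SAMPLE_RESPONSES = {
    "https://app.example.test/PLACEHOLDER_PATH_1": (
        200,
        {"Content-Type": "application/json; charset=utf-8"},
        '{"connections": [{"name": "prod", "password": "REDACTED-SAMPLE"}]}',
    ),
    "https://app.example.test/PLACEHOLDER_PATH_2": (
        200,
        {"Content-Type": "text/html"},
        "<html>password</html>",  # keyword present, but wrong content type
    ),
}


def sample_fetch(url):
    """Offline stand-in for an HTTP client; unknown URLs return 404."""
    return SAMPLE_RESPONSES.get(url, (404, {"Content-Type": "text/plain"}, "Not Found"))


if __name__ == "__main__":
    # urlVar as the selection filter would have extracted it from a 2xx response.
    print(check_host("https://app.example.test/api/users", sample_fetch))
```

Running the block prints only the first placeholder URL: the second sample returns a 200 with a matching keyword but a non-JSON content type, so it fails the header condition and is not reported, which is exactly the "all conditions must hold" behaviour the description specifies.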
Frequently asked questions
What is the purpose of this test?
How does the test determine if the MongoDB credentials file is present?
What URLs does the test check for the MongoDB credentials file?
How does the test modify the URL for the requests?
What criteria are used to validate the response of the requests?
What is the potential impact of MongoDB credentials exposure?