Predicting MongoDB ObjectId() continuously in Rocket.Chat
Applications using MongoDB have a common pitfall of treating the ObjectId() function as cryptographically secure. Recently, we found Rocket.Chat, an open source Slack-like application, to be a victim of this. At Aikido, we run AI Pentests on various open source applications to test our agents and identify their strengths and improvement points. During the pentest, one of the agents reported that an unauthenticated Rocket.Chat user can access any uploaded file if they know its ID.