Search
 
SCRIPT & CODE EXAMPLE
 
CODE EXAMPLE FOR C

nosql injection

MongoDB:
- application/x-www-form-urlencoded => user[$gt]=&pass[$gt]=
- application/json => {user: {"$gt":""}, pass: {"$gt":""}}
Fun fact:
If the Content-Type is application/x-www-form-urlencoded, 
changing it to application/json still allows the POST to succeed 
with POST data. https://github.com/riyazwalikar/injection-attacks-nosql-talk/blob/master/README.md
 
PREVIOUS NEXT
Tagged: #nosql #injection
ADD COMMENT
Topic
Name
5+1 =