Portswigger - NoSQL injection - Lab #2 Exploiting NoSQL operator injection to bypass authentication

Hello Hackers, in this video on Exploiting NoSQL operator injection to bypass authentication you will see how to discover and exploit NoSQL injection vulnerabilities in a lab from the Web Security Academy powered by PortSwigger.

⚠️ Subscribe to my channel ➡️ @popo_hack ⚠️

0:00 - About the Lab
1:52 - Exploit NoSQL injection input
3:36 - Use $ne operator to bypass the password field
5:26 - Use $in operator to bypass the username field
6:28 - Use $nin operator to bypass the username field
6:52 - Use $regex operator to bypass the username field

🔍 About the Lab
Lab: Exploiting NoSQL operator injection to bypass authentication
Level: Apprentice
The login functionality for this lab is powered by a MongoDB NoSQL database. It is vulnerable to NoSQL injection using MongoDB operators. To solve the lab, log into the application as the administrator user.

🔗 Resources
MongoDB operators documentation: https://www.mongodb.com/docs/manual/r...

✅ What to do?
1. In Burp's browser, log in to the application using the credentials wiener:peter.
2. In Burp, go to "Proxy" then "HTTP history". Right-click the POST /login request and select "Send to Repeater".
3. In Repeater, test the username and password parameters to determine whether they allow you to inject MongoDB operators:
3.1. Change the value of the username parameter from "wiener" to {"$ne":""}, then send the request. Notice that this enables you to log in.
3.2. Change the value of the username parameter from {"$ne":""} to {"$regex":"wien.*"}, then send the request. Notice that you can also log in when using the $regex operator.
3.3. With the username parameter set to {"$ne":""}, change the value of the password parameter from "peter" to {"$ne":""}, then send the request again. Notice that this causes the query to return an unexpected number of records. This indicates that more than one user has been selected.
4. With the password parameter set to {"$ne":""}, change the value of the username parameter to {"$regex":"admin.*"}, then send the request again. Notice that this successfully logs you in as the admin user.
5. Right-click the response, then select "Show response in browser". Copy the URL.
6. Paste the URL into Burp's browser to log in as the administrator user. The lab is solved.

Thank you for watching my video. If you have any questions or topic recommendations, feel free to write them in the comments below 🙋

#WebSecurityAcademy #portswigger #nosql #vulnerability
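As an added illustration (not code from the lab or from the video), the following Node.js model shows why the operator payloads in the steps above match unintended users when a JSON body is passed straight into a MongoDB-style query, and how a login handler that insists on plain string credentials stops them. The user documents, the administrator password and both function names are constructed for this example.

```javascript
// Added example, not the lab's code. USERS is constructed sample data; real
// applications store password hashes and verify them outside the query.
const USERS = [
  { username: "wiener", password: "peter" },
  { username: "administrator", password: "PLACEHOLDER-admin-password" },
];

// Minimal subset of MongoDB's per-field comparison semantics, enough to
// evaluate the operators discussed in the video ($ne, $in, $nin, $regex).
// A non-object condition is an exact match; an object is an operator map.
function fieldMatches(value, cond) {
  if (cond === null || typeof cond !== "object") return value === cond;
  return Object.entries(cond).every(([op, arg]) => {
    switch (op) {
      case "$ne": return value !== arg;
      case "$in": return arg.includes(value);
      case "$nin": return !arg.includes(value);
      case "$regex": return new RegExp(arg).test(value);
      default: throw new Error(`unsupported operator ${op}`);
    }
  });
}

// VULNERABLE: body.username / body.password go into the query unchecked, so
// {"$ne":""} is interpreted as an operator rather than a literal string.
// Returns the matched username, or null when the match is not exactly one
// user (the "unexpected number of records" case from step 3.3).
function vulnerableLogin(body) {
  const hits = USERS.filter(
    (u) => fieldMatches(u.username, body.username) &&
           fieldMatches(u.password, body.password)
  );
  return hits.length === 1 ? hits[0].username : null;
}

// HARDENED: reject anything that is not a plain string before a query is
// built. Operator objects never reach the database, so the injection
// surface disappears; the comparison is then an exact, literal match.
function safeLogin(body) {
  if (typeof body.username !== "string" || typeof body.password !== "string") {
    return null; // a sanitiser could also strip "$"-prefixed keys here
  }
  const hits = USERS.filter(
    (u) => u.username === body.username && u.password === body.password
  );
  return hits.length === 1 ? hits[0].username : null;
}
```

In a real service the same check belongs on every field that is interpolated into a query, not only on the login route.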
