mirror of https://github.com/carlospolop/hacktricks.git synced 2023-12-14 19:12:55 +01:00

GitBook: [master] one page and one asset modified

CPol 2021-04-30 09:16:21 +00:00 committed by gitbook-bot
parent b486b9fee1
commit c8d10583c4
No known key found for this signature in database
GPG key ID: 07D2180C7B12D0FF
2 changed files with 10 additions and 0 deletions

Binary file not shown.

@ -83,6 +83,16 @@ in JSON
/?search=admin' && this.password && this.password.match(/^duvj78i3u$/)%00 Found
```
### PHP Arbitrary Function Execution
Using the **$func** operator of the [MongoLite](https://github.com/agentejo/cockpit/tree/0.11.1/lib/MongoLite) library \(used by default\) it might be possible to execute and arbitrary function as in [this report](https://swarm.ptsecurity.com/rce-cockpit-cms/).
```python
"user":{"$func": "var_dump"}
```
![](../.gitbook/assets/image%20%28472%29.png)
## Blind NoSQL
```python
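Review bot: the new "PHP Arbitrary Function Execution" paragraph says MongoLite is "used by default" without naming what uses it, so a reader cannot tell which targets the note applies to. The two links point at the Cockpit repository (0.11.1 tree) and a Cockpit CMS report, so name Cockpit CMS and that version in the sentence itself. In the same paragraph, "execute and arbitrary function" should read "execute an arbitrary function". The payload fence is tagged python although `"user":{"$func": "var_dump"}` is a JSON fragment, so tag it json or leave it untagged. The added image has empty alt text; add a short description of what the screenshot shows, since the binary asset is the only evidence of the result.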