injections nosql - OSSIR
injections nosql - OSSIR
injections nosql - OSSIR
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
INJECTIONS NOSQL<br />
Et les <strong>injections</strong> NoSQL <br />
• Exemple sur MongoDB<br />
• Requête d’authentification NoSQL:<br />
$res = $coll->findOne(array('$where' => "this.login ==<br />
'$login' && this.password == '$password' "));<br />
• Elément injecté:<br />
A' || 1==1 //<br />
www.ngmsecurity.com