https://github.com/nisaruj/nosqli-flintcms

Blind noSQL injection case study lab based on CVE-2018-3783
https://github.com/nisaruj/nosqli-flintcms

cve nosql-injection

Last synced: 27 days ago
JSON representation

Blind noSQL injection case study lab based on CVE-2018-3783

• Host: GitHub
• URL: https://github.com/nisaruj/nosqli-flintcms
• Owner: nisaruj
• Created: 2019-10-09T07:35:59.000Z (over 5 years ago)
• Default Branch: master
• Last Pushed: 2023-02-04T02:52:36.000Z (about 2 years ago)
• Last Synced: 2025-02-14T15:15:18.692Z (3 months ago)
• Topics: cve, nosql-injection
• Language: JavaScript
• Size: 104 KB
• Stars: 4
• Watchers: 2
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

        
# nosqli-flintcms

Blind noSQL injection case study lab based on CVE-2018-3783 (privilege escalation on flintcms 1.1.9).

The vulnerability was originally discovered by Benoit Côté-Jodoin. You can read original report on [HackerOne](https://hackerone.com/reports/386807).

## Prerequisites

```

docker-compose

```

**Limitation**: We removed `sendEmail` function so that the server cannot send an email. However, it can still generate a token when password is reset.

## Lab Setup

1. The environment variables are in `docker-compose.yml` you can change database's credential here.

2. Run `docker-compose up`, wait until the containers are built and running properly.

3. Go to `localhost:4000` you should see a welcome page. Then visit `localhost:4000/admin/install`, enter fake email username and password.

4. Let's hack!

Don't forget to run `docker-compose down` once finished hacking.

## How it works?

Coming soon.