
Bugtracker
In the handout is the following source code:
Note the mistake allowing NoSQL injections:

This allows login as admin:
From here, just do another NoSQL injection, this time looking in the flags collection: