Day-7:Migration Without Security

front

https://tryhackme.com/room/adventofcyber3

NoSQL Injection

  1. Interacting with MongoDB terminal
    db_flag
  2. Accessing Admin:
    admin
  3. Get the list of users with roles as Guest
    guest
  4. Retrieve mcskidy records
    mcskidy