From NoSQL Injection to Serverside Javascript Injection

NoSQL (not only SQL) has disrupted the usage of traditional data stores. It has introduced a new concept of data storage which is non-relational unlike the previous storage mechanisms and thus, provides looser restrictions in consistency. It has a document store, key-value store, and graph. Due to the new requirements of modern-day applications, there has been wide adoption of NoSQL databases which could conveniently facilitate the distribution of data across numerous servers. Nosql databases provide an avenue for wide scalability and they require a single database node to execute all operations of the same transaction

NoSQL models offer a new data model and query formats making the old SQL injection attacks irrelevant. Yet, they give attackers new ways to insert malicious code.

Let’s understand the NoSQL data models in MongoDB:

Image for post

Image for post

The following diagram illustrates a query that selects and orders the matching documents using an index:

Image for post

Read operations retrievesdocuments from acollection i.e. queries a collection for documents. This is how you can read the documents from a collection in MongoDB:

Image for post

db.items.find(queryObject)

db — current database object

Items — collection names ‘items’ in the current database

find — method to execute on the collection

queryObject — an object used to select data

queryObject = {amount:0}; //items with fixed value ‘amount’ is 0

Before we go any further, let’s quickly analyze the attack mechanism in traditional SQL databases.

#security #vulerability #programming #web

How to pull off a successful NoSQL Injection attack
3.60 GEEK