Using this script, we can enumerate Usernames and passwords of Nosql(mongodb) injection vulnerable web applications.
Exploit Title: Nosql injection username/password enumeration.
Author: Kalana Sankalpa (Anon LK).
Github repo: https://github.com/an0nlk/Nosql-MongoDB-injection-username-password-enumeration
How to run
Usage
nosqli-user-pass-enum.py [-h] [-u URL] [-up parameter] [-pp parameter] [-op parameters] [-ep parameter] [-sc character] [-m Method]
Example
python nosqli-user-pass-enum.py -u http://example.com/index.php -up username -pp password -ep username -op login:login,submit:submit
Arguments
| Arguments | Description |
|---|---|
| -h, –h | show this help message and exit |
| -u URL | Form submission url. Eg: http://example.com/index.php |
| -up parameter | Parameter name of the username. Eg: username, user |
| -pp parameter | Parameter name of the password. Eg: password, pass |
| -op parameters | Other paramters with the values. Separate each parameter with a comma(,). Eg: login:Login, submit:Submit |
| -ep parameter | Parameter that need to enumarate. Eg: username, password |
| -m Method | Method of the form. Eg: GET/POST |
Kalana Sankalpa 
hey man, this article just helps me in solving my CTF. this is great but all I wanna know how did you find that payload. I mean, I looked every payload from Payloadallthethings and fire requests in burp accordingly but all I get is 200 status code. please reply I am very fond of knowing this. Thanks, pal
LikeLiked by 1 person