Node.js applicative DoS through NoSQL injection - Vladimir de Turckheim, Sqreen
Recorded during Algolia Search Party - Node.js edition - July 2018, Paris.
Vladimir de Turckheim, Node.js Lead Engineer at Sqreen
Node.js applicative DoS through NoSQL injection
Vladimir is an active contributor of the Node.js project especially in the Security Working Group. He has been publishing multiple articles regarding Node.js security and performance. Applicative Denia of Service are mostly known through Regexp abuse. Most people do not know that other applicative DoS can be exploited through diverse means. In this talk we will see how a malicious user can obtain a MongoDB injection and use it to prevent an application from responding.