SlideShare a Scribd company logo

GraphQL Misconfiguration

Download as PPTX, PDF
H
Harshit Sengar

GraphQL Vulnerabilities

Technology
1 of 22
GraphQL Misconfiguration By - Harshit Sengar
C O N T E N T S Part 01 Part 02 GraphQL Rest vs Graphql Part 03 Terminologies Part 04 Part 05 Part 06 Endpoint & Tools Attacks Vectors Practice Labs
01 GraphQL
01 GraphQL GraphQL is a query language for your API, and a server- side runtime for executing queries by using a type system you define for your data. GraphQL isn't tied to any specific database or storage engine and is instead backed by your existing code and data. A GraphQL service is created by defining types and fields on those types, then providing functions for each field on each type.
02 Rest v/s Graphql
03 Terminologies
03 Terminologies Queries and Mutations Schema and Types Arguments Fields Variable OperationName
04 GraphQL Endpoints & Tools
04 GraphQL Endpoints & Tools • /graphql • /graphql/console/ • /graphql.php • /graphiql • /graphiql.php • ....etc, • Graphiql • Graphql Playground • Graphql Raider (Burp-Extension) • InQL (Burp-Extension) Endpoints Tools
05 Attack Vectors
Introspection Query DOS IDOR & Authorization Bypass Injections Mutation 05 Attack Vectors
05 Introspection Query { __schema { directives { name description } subscriptionType { name description } types { name description } queryType { name description } mutationType { name description } queryType { name description } } } 1. query allSchemaTypes { __schema { types { name kind description } } } 2. query availableQueries { __schema { queryType { fields { name description } } } } 3. query EnumerationValues { __type(name: "<ENUM TYPE>") { kind name description enumValues { name description } } } https://hackerone.com/reports/291531
05 DOS / Nested Queries query{ allUsers{ posts{ author{ posts{ author{ posts{ author{ posts{ author{ posts{ author{ posts{ author{ posts{ author{ posts{ author{ posts{ author{ username } } } } } } } } } } } } } } } } } } }
05 IDOR & Bypass Authorization
05 Injections • SQL Injections • Command Injections • XSS • etc.., SQL Injection
05 Mutations • SQL Injections • Command Injections • XSS • Change/Modify the Details • etc.., SQL Injection
06 Practice Labs
SKF-Labs Vuln-graphql-api 06 Practice Labs
Contact: Email: hsengar.100@gmail.com Twitter: https://www.twitter.com/sengarharshit1 Linkedin: https://www.linkedin.com/in/sengarharshit1 Medium: https://www.medium.com/@sengarharshit1 THANK YOU

Recommended

Attacking GraphQL
Attacking GraphQLAttacking GraphQL
Attacking GraphQL
KavishaSheth1
 
Adding GraphQL to your existing architecture
Adding GraphQL to your existing architectureAdding GraphQL to your existing architecture
Adding GraphQL to your existing architecture
Sashko Stubailo
 
Modular GraphQL with Schema Stitching
Modular GraphQL with Schema StitchingModular GraphQL with Schema Stitching
Modular GraphQL with Schema Stitching
Sashko Stubailo
 
Why UI Developers Love GraphQL - Sashko Stubailo, Apollo/Meteor
Why UI Developers Love GraphQL - Sashko Stubailo, Apollo/MeteorWhy UI Developers Love GraphQL - Sashko Stubailo, Apollo/Meteor
Why UI Developers Love GraphQL - Sashko Stubailo, Apollo/Meteor
Jon Wong
 
An intro to GraphQL
An intro to GraphQLAn intro to GraphQL
An intro to GraphQL
valuebound
 
GraphQL across the stack: How everything fits together
GraphQL across the stack: How everything fits togetherGraphQL across the stack: How everything fits together
GraphQL across the stack: How everything fits together
Sashko Stubailo
 
GraphQL Introduction
GraphQL IntroductionGraphQL Introduction
GraphQL Introduction
Serge Huber
 
CONDG April 23 2020 - Baskar Rao - GraphQL
CONDG April 23 2020 - Baskar Rao - GraphQLCONDG April 23 2020 - Baskar Rao - GraphQL
CONDG April 23 2020 - Baskar Rao - GraphQL
Matthew Groves
 

Recommended

Attacking GraphQL
Attacking GraphQLAttacking GraphQL
Attacking GraphQL
KavishaSheth1
 
Adding GraphQL to your existing architecture
Adding GraphQL to your existing architectureAdding GraphQL to your existing architecture
Adding GraphQL to your existing architecture
Sashko Stubailo
 
Modular GraphQL with Schema Stitching
Modular GraphQL with Schema StitchingModular GraphQL with Schema Stitching
Modular GraphQL with Schema Stitching
Sashko Stubailo
 
Why UI Developers Love GraphQL - Sashko Stubailo, Apollo/Meteor
Why UI Developers Love GraphQL - Sashko Stubailo, Apollo/MeteorWhy UI Developers Love GraphQL - Sashko Stubailo, Apollo/Meteor
Why UI Developers Love GraphQL - Sashko Stubailo, Apollo/Meteor
Jon Wong
 
An intro to GraphQL
An intro to GraphQLAn intro to GraphQL
An intro to GraphQL
valuebound
 
GraphQL across the stack: How everything fits together
GraphQL across the stack: How everything fits togetherGraphQL across the stack: How everything fits together
GraphQL across the stack: How everything fits together
Sashko Stubailo
 
GraphQL Introduction
GraphQL IntroductionGraphQL Introduction
GraphQL Introduction
Serge Huber
 
CONDG April 23 2020 - Baskar Rao - GraphQL
CONDG April 23 2020 - Baskar Rao - GraphQLCONDG April 23 2020 - Baskar Rao - GraphQL
CONDG April 23 2020 - Baskar Rao - GraphQL
Matthew Groves
 
Introduction to GraphQL
Introduction to GraphQLIntroduction to GraphQL
Introduction to GraphQL
Rodrigo Prates
 
GraphQL: Enabling a new generation of API developer tools
GraphQL: Enabling a new generation of API developer toolsGraphQL: Enabling a new generation of API developer tools
GraphQL: Enabling a new generation of API developer tools
Sashko Stubailo
 
GraphQL
GraphQLGraphQL
GraphQL
Joel Corrêa
 
GraphQL ♥︎ GraphDB
GraphQL ♥︎ GraphDBGraphQL ♥︎ GraphDB
GraphQL ♥︎ GraphDB
GraphRM
 
Intro to GraphQL
Intro to GraphQL Intro to GraphQL
Intro to GraphQL
Rakuten Group, Inc.
 
The Apollo and GraphQL Stack
The Apollo and GraphQL StackThe Apollo and GraphQL Stack
The Apollo and GraphQL Stack
Sashko Stubailo
 
GraphQL Search
GraphQL SearchGraphQL Search
GraphQL Search
Artem Shtatnov
 
GraphQL + relay
GraphQL + relayGraphQL + relay
GraphQL + relay
Cédric GILLET
 
GraphQL over REST at Reactathon 2018
GraphQL over REST at Reactathon 2018GraphQL over REST at Reactathon 2018
GraphQL over REST at Reactathon 2018
Sashko Stubailo
 
GraphQL & Ratpack
GraphQL & RatpackGraphQL & Ratpack
GraphQL & Ratpack
Mario García
 
Introduction to graphQL
Introduction to graphQLIntroduction to graphQL
Introduction to graphQL
Muhilvarnan V
 
GraphQL & Relay
GraphQL & RelayGraphQL & Relay
GraphQL & Relay
Viacheslav Slinko
 
Graphql presentation
Graphql presentationGraphql presentation
Graphql presentation
Vibhor Grover
 
REST vs GraphQL
REST vs GraphQLREST vs GraphQL
REST vs GraphQL
Squareboat
 
Standing out as a new grad candidate
Standing out as a new grad candidateStanding out as a new grad candidate
Standing out as a new grad candidate
Sashko Stubailo
 
Introduction to GraphQL
Introduction to GraphQLIntroduction to GraphQL
Introduction to GraphQL
Brainhub
 
GraphQL Advanced
GraphQL AdvancedGraphQL Advanced
GraphQL Advanced
LeanIX GmbH
 
How to GraphQL
How to GraphQLHow to GraphQL
How to GraphQL
Tomasz Bak
 
GraphQL is new sexy
GraphQL is new sexyGraphQL is new sexy
GraphQL is new sexy
ITEM
 
GraphQL Fundamentals
GraphQL FundamentalsGraphQL Fundamentals
GraphQL Fundamentals
Virbhadra Ankalkote
 
Getting Started with Spring for GraphQL
Getting Started with Spring for GraphQLGetting Started with Spring for GraphQL
Getting Started with Spring for GraphQL
VMware Tanzu
 
Training Series: Build APIs with Neo4j GraphQL Library
Training Series: Build APIs with Neo4j GraphQL LibraryTraining Series: Build APIs with Neo4j GraphQL Library
Training Series: Build APIs with Neo4j GraphQL Library
Neo4j
 

More Related Content

What's hot

The Apollo and GraphQL Stack
The Apollo and GraphQL StackThe Apollo and GraphQL Stack
The Apollo and GraphQL Stack
Sashko Stubailo
 
GraphQL over REST at Reactathon 2018
GraphQL over REST at Reactathon 2018GraphQL over REST at Reactathon 2018
GraphQL over REST at Reactathon 2018
Sashko Stubailo
 

What's hot (20)

Introduction to GraphQL
Introduction to GraphQLIntroduction to GraphQL
Introduction to GraphQL
 
GraphQL: Enabling a new generation of API developer tools
GraphQL: Enabling a new generation of API developer toolsGraphQL: Enabling a new generation of API developer tools
GraphQL: Enabling a new generation of API developer tools
 
GraphQL
GraphQLGraphQL
GraphQL
 
GraphQL ♥︎ GraphDB
GraphQL ♥︎ GraphDBGraphQL ♥︎ GraphDB
GraphQL ♥︎ GraphDB
 
Intro to GraphQL
Intro to GraphQL Intro to GraphQL
Intro to GraphQL
 
The Apollo and GraphQL Stack
The Apollo and GraphQL StackThe Apollo and GraphQL Stack
The Apollo and GraphQL Stack
 
GraphQL Search
GraphQL SearchGraphQL Search
GraphQL Search
 
GraphQL + relay
GraphQL + relayGraphQL + relay
GraphQL + relay
 
GraphQL over REST at Reactathon 2018
GraphQL over REST at Reactathon 2018GraphQL over REST at Reactathon 2018
GraphQL over REST at Reactathon 2018
 
GraphQL & Ratpack
GraphQL & RatpackGraphQL & Ratpack
GraphQL & Ratpack
 
Introduction to graphQL
Introduction to graphQLIntroduction to graphQL
Introduction to graphQL
 
GraphQL & Relay
GraphQL & RelayGraphQL & Relay
GraphQL & Relay
 
Graphql presentation
Graphql presentationGraphql presentation
Graphql presentation
 
REST vs GraphQL
REST vs GraphQLREST vs GraphQL
REST vs GraphQL
 
Standing out as a new grad candidate
Standing out as a new grad candidateStanding out as a new grad candidate
Standing out as a new grad candidate
 
Introduction to GraphQL
Introduction to GraphQLIntroduction to GraphQL
Introduction to GraphQL
 
GraphQL Advanced
GraphQL AdvancedGraphQL Advanced
GraphQL Advanced
 
How to GraphQL
How to GraphQLHow to GraphQL
How to GraphQL
 
GraphQL is new sexy
GraphQL is new sexyGraphQL is new sexy
GraphQL is new sexy
 
GraphQL Fundamentals
GraphQL FundamentalsGraphQL Fundamentals
GraphQL Fundamentals
 

Similar to GraphQL Misconfiguration

Getting Started with Spring for GraphQL
Getting Started with Spring for GraphQLGetting Started with Spring for GraphQL
Getting Started with Spring for GraphQL
VMware Tanzu
 
Training Series: Build APIs with Neo4j GraphQL Library
Training Series: Build APIs with Neo4j GraphQL LibraryTraining Series: Build APIs with Neo4j GraphQL Library
Training Series: Build APIs with Neo4j GraphQL Library
Neo4j
 
DEVOXX UK 2018 - GraphQL as an alternative approach to REST
DEVOXX UK 2018 - GraphQL as an alternative approach to RESTDEVOXX UK 2018 - GraphQL as an alternative approach to REST
DEVOXX UK 2018 - GraphQL as an alternative approach to REST
luisw19
 
Exposing GraphQLs as Managed APIs
Exposing GraphQLs as Managed APIsExposing GraphQLs as Managed APIs
Exposing GraphQLs as Managed APIs
WSO2
 
Implementing OpenAPI and GraphQL services with gRPC
Implementing OpenAPI and GraphQL services with gRPCImplementing OpenAPI and GraphQL services with gRPC
Implementing OpenAPI and GraphQL services with gRPC
Tim Burks
 
Simplify Access to Data from Pivotal GemFire Using the GraphQL (G2QL) Extension
Simplify Access to Data from Pivotal GemFire Using the GraphQL (G2QL) ExtensionSimplify Access to Data from Pivotal GemFire Using the GraphQL (G2QL) Extension
Simplify Access to Data from Pivotal GemFire Using the GraphQL (G2QL) Extension
VMware Tanzu
 

Similar to GraphQL Misconfiguration (20)

Getting Started with Spring for GraphQL
Getting Started with Spring for GraphQLGetting Started with Spring for GraphQL
Getting Started with Spring for GraphQL
 
Training Series: Build APIs with Neo4j GraphQL Library
Training Series: Build APIs with Neo4j GraphQL LibraryTraining Series: Build APIs with Neo4j GraphQL Library
Training Series: Build APIs with Neo4j GraphQL Library
 
GraphQL_devoxx_2023.pptx
GraphQL_devoxx_2023.pptxGraphQL_devoxx_2023.pptx
GraphQL_devoxx_2023.pptx
 
Tutorial: Building a GraphQL API in PHP
Tutorial: Building a GraphQL API in PHPTutorial: Building a GraphQL API in PHP
Tutorial: Building a GraphQL API in PHP
 
GraphQL API Gateway and microservices
GraphQL API Gateway and microservicesGraphQL API Gateway and microservices
GraphQL API Gateway and microservices
 
How easy (or hard) it is to monitor your graph ql service performance
How easy (or hard) it is to monitor your graph ql service performanceHow easy (or hard) it is to monitor your graph ql service performance
How easy (or hard) it is to monitor your graph ql service performance
 
An oss api layer for your cassandra
An oss api layer for your cassandraAn oss api layer for your cassandra
An oss api layer for your cassandra
 
GraphQL-ify your API - JFall 2022
GraphQL-ify your API - JFall 2022GraphQL-ify your API - JFall 2022
GraphQL-ify your API - JFall 2022
 
DEVOXX UK 2018 - GraphQL as an alternative approach to REST
DEVOXX UK 2018 - GraphQL as an alternative approach to RESTDEVOXX UK 2018 - GraphQL as an alternative approach to REST
DEVOXX UK 2018 - GraphQL as an alternative approach to REST
 
Graphql
GraphqlGraphql
Graphql
 
Training Week: GraphQL 2022
Training Week: GraphQL 2022Training Week: GraphQL 2022
Training Week: GraphQL 2022
 
Exposing GraphQLs as Managed APIs
Exposing GraphQLs as Managed APIsExposing GraphQLs as Managed APIs
Exposing GraphQLs as Managed APIs
 
Building Fullstack Serverless GraphQL APIs In The Cloud
Building Fullstack Serverless GraphQL APIs In The CloudBuilding Fullstack Serverless GraphQL APIs In The Cloud
Building Fullstack Serverless GraphQL APIs In The Cloud
 
What could go wrong with a GraphQL query and can OpenTelemetry help? KubeCon...
What could go wrong with a GraphQL query and can OpenTelemetry help? KubeCon...What could go wrong with a GraphQL query and can OpenTelemetry help? KubeCon...
What could go wrong with a GraphQL query and can OpenTelemetry help? KubeCon...
 
GraphQL
GraphQLGraphQL
GraphQL
 
GraphQL the holy contract between client and server
GraphQL the holy contract between client and serverGraphQL the holy contract between client and server
GraphQL the holy contract between client and server
 
Implementing OpenAPI and GraphQL services with gRPC
Implementing OpenAPI and GraphQL services with gRPCImplementing OpenAPI and GraphQL services with gRPC
Implementing OpenAPI and GraphQL services with gRPC
 
Simplify Access to Data from Pivotal GemFire Using the GraphQL (G2QL) Extension
Simplify Access to Data from Pivotal GemFire Using the GraphQL (G2QL) ExtensionSimplify Access to Data from Pivotal GemFire Using the GraphQL (G2QL) Extension
Simplify Access to Data from Pivotal GemFire Using the GraphQL (G2QL) Extension
 
Marco Liberati - Graph analytics
Marco Liberati - Graph analyticsMarco Liberati - Graph analytics
Marco Liberati - Graph analytics
 
GraphQL-ify your APIs
GraphQL-ify your APIsGraphQL-ify your APIs
GraphQL-ify your APIs
 

Recently uploaded

A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
Igalia
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
Overkill Security
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Jeffrey Haguewood
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 

Recently uploaded (20)

Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot ModelNavi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 

GraphQL Misconfiguration

  • 2. C O N T E N T S Part 01 Part 02 GraphQL Rest vs Graphql Part 03 Terminologies Part 04 Part 05 Part 06 Endpoint & Tools Attacks Vectors Practice Labs
  • 4. 01 GraphQL GraphQL is a query language for your API, and a server- side runtime for executing queries by using a type system you define for your data. GraphQL isn't tied to any specific database or storage engine and is instead backed by your existing code and data. A GraphQL service is created by defining types and fields on those types, then providing functions for each field on each type.
  • 6.
  • 7.
  • 8.
  • 10. 03 Terminologies Queries and Mutations Schema and Types Arguments Fields Variable OperationName
  • 12. 04 GraphQL Endpoints & Tools • /graphql • /graphql/console/ • /graphql.php • /graphiql • /graphiql.php • ....etc, • Graphiql • Graphql Playground • Graphql Raider (Burp-Extension) • InQL (Burp-Extension) Endpoints Tools
  • 14. Introspection Query DOS IDOR & Authorization Bypass Injections Mutation 05 Attack Vectors
  • 15. 05 Introspection Query { __schema { directives { name description } subscriptionType { name description } types { name description } queryType { name description } mutationType { name description } queryType { name description } } } 1. query allSchemaTypes { __schema { types { name kind description } } } 2. query availableQueries { __schema { queryType { fields { name description } } } } 3. query EnumerationValues { __type(name: "<ENUM TYPE>") { kind name description enumValues { name description } } } https://hackerone.com/reports/291531
  • 16. 05 DOS / Nested Queries query{ allUsers{ posts{ author{ posts{ author{ posts{ author{ posts{ author{ posts{ author{ posts{ author{ posts{ author{ posts{ author{ posts{ author{ username } } } } } } } } } } } } } } } } } } }
  • 17. 05 IDOR & Bypass Authorization
  • 18. 05 Injections • SQL Injections • Command Injections • XSS • etc.., SQL Injection
  • 19. 05 Mutations • SQL Injections • Command Injections • XSS • Change/Modify the Details • etc.., SQL Injection
  • 22. Contact: Email: hsengar.100@gmail.com Twitter: https://www.twitter.com/sengarharshit1 Linkedin: https://www.linkedin.com/in/sengarharshit1 Medium: https://www.medium.com/@sengarharshit1 THANK YOU