0% found this document useful (0 votes)
17 views3 pages

Other Script7

Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
0% found this document useful (0 votes)
17 views3 pages

Other Script7

Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
You are on page 1/ 3

##!

/usr/bin/python
import argparse
import json

import requests

cmdlist = [
"exit",
"help",
"dump_old",
"dump_new",
"postgresqli",
"mysqli",
"mssqli",
"nosqli",
"mutation",
"edges",
"node",
"$regex",
"$ne",
"__schema",
]

def auto_completer(text, state):


options = [x for x in cmdlist if x.startswith(text)]
try:
return options[state]
except IndexError:
return None

def jq(data):
return json.dumps(data, indent=4, sort_keys=True)

def requester(url, method, payload, headers=None, use_json=False):


if method == "POST" or use_json:
data = {"query": payload.replace("+", " ")}
new_headers = {} if headers is None else headers.copy()
new_data = data.copy()
if use_json:
new_headers["Content-Type"] = "application/json"
new_data = json.dumps(data)
r = requests.post(url, data=new_data, verify=False, headers=new_headers)
if r.status_code == 500:
print("\033[91m/!\ API didn't respond correctly to a POST method !\
033[0m")
return None
else:
r = requests.get(
url + "?query={}".format(payload), verify=False, headers=headers
)
return r

def parse_args():
parser = argparse.ArgumentParser()
parser.add_argument(
"-u",
action="store",
dest="url",
help="URL to query : example.com/graphql?query={}",
)
parser.add_argument(
"-v",
action="store",
dest="verbosity",
help="Enable verbosity",
nargs="?",
const=True,
)
parser.add_argument(
"--method",
action="store",
dest="method",
help="HTTP Method to use interact with /graphql endpoint",
nargs="?",
const=True,
default="GET",
)
parser.add_argument(
"--headers",
action="store",
dest="headers",
help="HTTP Headers sent to /graphql endpoint",
nargs="?",
const=True,
type=str,
)
parser.add_argument(
"--json",
action="store",
dest="use_json",
help="Use JSON encoding, implies POST",
nargs="?",
const=True,
type=bool,
)
results = parser.parse_args()
if results.url is None:
parser.print_help()
exit()
return results

def display_help():
print("[+] \033[92mdump_old \033[0m: dump GraphQL schema
(fragment+FullType)")
print("[+] \033[92mdump_new \033[0m: dump GraphQL schema
(IntrospectionQuery)")
print(
"[+] \033[92mnosqli \033[0m: exploit a nosql injection inside a
GraphQL query"
)
print(
"[+] \033[92mpostgresqli \033[0m: exploit a sql injection inside a GraphQL
query"
)
print(
"[+] \033[92mysqli \033[0m: exploit a sql injection inside a GraphQL
query"
)
print(
"[+] \033[92mssqli \033[0m: exploit a sql injection inside a GraphQL
query"
)
print("[+] \033[92mexit \033[0m: gracefully exit the application")

You might also like