Finding a Hidden GraphQL Endpoint

Published: 15 April 2024
on channel: Intigriti

👩‍🎓👨‍🎓 Learn about GraphQL API vulnerabilities! The user management functions for this lab are powered by a hidden GraphQL endpoint. We won't be able to find this endpoint by simply clicking pages in the site. The endpoint also has some defenses against introspection. To solve the lab, we must sign in as the administrator and delete the user carlos.

If you're struggling with the concepts covered in this lab, please review https://portswigger.net/web-security/... 🧠

🔗 @PortSwiggerTV challenge: https://portswigger.net/web-security/...

🧑‍💻 Sign up and start hacking right now - https://go.intigriti.com/register

👾 Join our Discord - https://go.intigriti.com/discord

🎙️ This show is hosted by _cryptocat (@_CryptoCat) & intigriti

👕 Do you want some Intigriti Swag? Check out https://swag.intigriti.com

Overview:
0:00 Intro
0:27 Bypassing GraphQL introspection defenses
1:20 Lab: Finding a hidden GraphQL endpoint
1:42 Explore site functionality
2:04 Manually identify GraphQL API endpoints
2:44 Fuzz API endpoints with Intruder
3:30 Probe API endpoint
5:10 Set introspection query
5:28 Visualise schema
5:56 Exploit the vulnerability
7:23 Conclusion