swisskyrepo
/
GraphQLmap
mirror of https://github.com/swisskyrepo/GraphQLmap.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

GraphQLmap Package

pull/40/head
Swissky 2022-01-17 16:22:22 +01:00
parent 7df7ae26a8
commit 08413ed409
6 changed files with 27 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
README.md
View File

@ -23,7 +23,8 @@ You can also contribute with a :beers: IRL or using Github Sponsoring button.
```basic ```basic
$ git clone https://github.com/swisskyrepo/GraphQLmap $ git clone https://github.com/swisskyrepo/GraphQLmap
$ python graphqlmap.py $ python setup.py install
$ graphqlmap
_____ _ ____ _ _____ _ ____ _
/ ____| | | / __ \| | / ____| | | / __ \| |
| | __ _ __ __ _ _ __ | |__ | | | | | _ __ ___ __ _ _ __ | | __ _ __ __ _ _ __ | |__ | | | | | _ __ ___ __ _ _ __
@ -54,10 +55,10 @@ optional arguments:
```py ```py
# Connect using POST and providing an authentication token # Connect using POST and providing an authentication token
python3 graphqlmap.py -u https://yourhostname.com/graphql -v --method POST --headers '{"Authorization" : "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0ZXh0Ijoibm8gc2VjcmV0cyBoZXJlID1QIn0.JqqdOesC-R4LtOS9H0y7bIq-M8AGYjK92x4K3hcBA6o"}' graphqlmap -u https://yourhostname.com/graphql -v --method POST --headers '{"Authorization" : "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0ZXh0Ijoibm8gc2VjcmV0cyBoZXJlID1QIn0.JqqdOesC-R4LtOS9H0y7bIq-M8AGYjK92x4K3hcBA6o"}'
# Pass request through Burp Proxy # Pass request through Burp Proxy
python graphqlmap.py -u "http://172.17.0.1:5013/graphql" --proxy http://127.0.0.1:8080 graphqlmap -u "http://172.17.0.1:5013/graphql" --proxy http://127.0.0.1:8080
``` ```
### Dump a GraphQL schema ### Dump a GraphQL schema

2
graphqlmap.py → bin/graphqlmap
View File

@ -5,7 +5,7 @@ try:
except ImportError: except ImportError:
import pyreadline as readline import pyreadline as readline
from attacks import * from graphqlmap.attacks import *
import urllib3 import urllib3
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning) urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)

0
graphqlmap/__init__.py Normal file
View File

2
attacks.py → graphqlmap/attacks.py
View File

@ -1,5 +1,5 @@
#!/usr/bin/python #!/usr/bin/python
from utils import * from graphqlmap.utils import *
import re import re
import time import time

0
utils.py → graphqlmap/utils.py
View File

21
setup.py Normal file
View File

@ -0,0 +1,21 @@
import setuptools
with open("README.md", "r") as fh:
long_description = fh.read()
setuptools.setup(
name="graphqlmap",
version="0.0.1",
description="scripting engine to interact with a GraphQL endpoint for pentesting purposes",
long_description=long_description,
long_description_content_type="text/markdown",
url="https://github.com/swisskyrepo/GraphQLmap",
packages=setuptools.find_packages(),
scripts=["bin/graphqlmap"],
classifiers=[
"Programming Language :: Python :: 3",
"License :: OSI Approved :: MIT License",
"Operating System :: OS Independent",
],
python_requires='>=3.6',
)