GraphQL API recon with mitmproxy
source link: https://dev.to/fx2301/graphql-api-recon-with-mitmproxy-2f5d
Capturing live examples of GraphQL queries and responses all in one place vastly simplifies recon.
When?
You most want to do this when introspection is disabled. Otherwise, it helps when you need concrete examples to make sense of the API's semantics, or to develop a better intuition for where the weaknesses may be.
This script works out-of-the-box for the majority scenario: POST requests to /graphql that use the operationName parameter.
mitmdump -s capture.py
capture.py:
import json
import re
from mitmproxy import http


def response(flow: http.HTTPFlow) -> None:
    # Only look at GraphQL traffic; everything else passes through untouched.
    if flow.request.url.endswith('/graphql'):
        payload = json.loads(flow.request.content.decode('utf-8'))
        # One file per operation, named after operationName with unsafe characters replaced.
        # Mode 'w' means the most recent example of each operation wins.
        filename = re.sub(r'[^a-zA-Z0-9]', '_', payload['operationName']) + '.example.txt'
        with open(filename, 'w') as f:
            # Full JSON body (operationName, query, variables) ...
            json.dump(payload, fp=f, indent=2)
            f.write("\n\n// ==== REQUEST ====\n\n")
            # ... the raw query text for readability ...
            f.write(f"{payload['query']}\n\n")
            f.write("// ==== RESPONSE ====\n\n")
            # ... and the server's response.
            json.dump(json.loads(flow.response.content), fp=f, indent=2)
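A generalised version of the script above, added here as an example (not the article's own code): it keeps the same file layout but also handles batched POST bodies (a JSON list of operations), GET requests that carry the query in the URL, and operations that omit operationName (the name is parsed from the query text instead). OUT_DIR and the helper names capture, parse_operations and operation_name are this example's own; the hook is still loaded with mitmdump -s.

```python
import json
import re
from pathlib import Path
from urllib.parse import parse_qs, urlparse

OUT_DIR = Path("graphql_examples")  # assumed output directory, one file per operation
_OP_NAME = re.compile(r"\b(?:query|mutation|subscription)\s+([A-Za-z_]\w*)")


def operation_name(op: dict) -> str:
    """Prefer operationName; otherwise parse the name out of the query text."""
    name = op.get("operationName")
    if not name:
        match = _OP_NAME.search(op.get("query", ""))
        name = match.group(1) if match else "anonymous"
    return re.sub(r"[^a-zA-Z0-9]", "_", name)


def parse_operations(method: str, url: str, body: bytes) -> list:
    """Return the operations in a request: GET query string, or POST JSON (single or batched)."""
    if method.upper() == "GET":
        qs = parse_qs(urlparse(url).query)
        op = {k: qs[k][0] for k in ("query", "operationName", "variables") if k in qs}
        if "variables" in op:
            op["variables"] = json.loads(op["variables"])
        return [op] if "query" in op else []
    payload = json.loads(body.decode("utf-8"))
    return payload if isinstance(payload, list) else [payload]


def capture(method: str, url: str, req_body: bytes, resp_body: bytes) -> dict:
    """Pair each operation with its response and render the capture.py layout, keyed by filename."""
    if not urlparse(url).path.endswith("/graphql"):
        return {}
    ops = parse_operations(method, url, req_body)
    results = json.loads(resp_body.decode("utf-8"))
    results = results if isinstance(results, list) else [results]  # batched responses are lists
    examples = {}
    for op, result in zip(ops, results):
        examples[operation_name(op) + ".example.txt"] = "\n".join([
            json.dumps(op, indent=2), "", "// ==== REQUEST ====", "",
            op.get("query", ""), "", "// ==== RESPONSE ====", "",
            json.dumps(result, indent=2), ""])
    return examples


def response(flow) -> None:
    """mitmproxy hook; a module-level function by this name is picked up by mitmdump -s."""
    req, resp = flow.request, flow.response
    for filename, text in capture(req.method, req.url, req.content, resp.content).items():
        OUT_DIR.mkdir(exist_ok=True)
        (OUT_DIR / filename).write_text(text)
```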