Summary
- This article explains how hackers can exploit misconfigured GraphQL endpoints.
- It forms part one of a series on how an attacker can use a GraphQL endpoint to gain Remote Code Execution (RCE).
- The techniques described are based on real attacks in the wild and show how a hacker can turn a GraphQL API into a goldmine.
- Phase one entails finding the GraphQL endpoint, a task helped by using tools such as waybackurls, gau and hakrawler.
- Looking for patterns in JavaScript files is also helpful in this phase.
- The article gives the relevant code to look for in this first phase.
By Monika Sharma