Skip to content
🎉 Welcome! Enjoy your reading, and I hope you will learn something new.
Learning Notes
Web Exploitation
GraphQL

GraphQL

Introspection Query

query
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67

{
    __schema {
        queryType {
            name
        }
        mutationType {
            name
        }
        subscriptionType {
            name
        }
        types {
            ...FullType
        }
        directives {
            name description locations args {
                ...InputValue
            }
        }
    }
}
fragment FullType on __Type {
    kind name description fields(includeDeprecated: true) {
        name description args {
            ...InputValue
        }
        type {
            ...TypeRef
        }
        isDeprecated deprecationReason
    }
    inputFields {
        ...InputValue
    }
    interfaces {
        ...TypeRef
    }
    enumValues(includeDeprecated: true) {
        name description isDeprecated deprecationReason
    }
    possibleTypes {
        ...TypeRef
    }
}
fragment InputValue on __InputValue {
    name description type {
        ...TypeRef
    }
    defaultValue
}
fragment TypeRef on __Type {
    kind name ofType {
        kind name ofType {
            kind name ofType {
                kind name ofType {
                    kind name ofType {
                        kind name ofType {
                            kind name ofType {
                                kind name
                            }
                        }
                    }
                }
            }
        }
    }
}
inline
{__schema{queryType{name}mutationType{name}subscriptionType{name}types{...FullType}directives{name description locations args{...InputValue}}}}fragment FullType on __Type{kind name description fields(includeDeprecated:true){name description args{...InputValue}type{...TypeRef}isDeprecated deprecationReason}inputFields{...InputValue}interfaces{...TypeRef}enumValues(includeDeprecated:true){name description isDeprecated deprecationReason}possibleTypes{...TypeRef}}fragment InputValue on __InputValue{name description type{...TypeRef}defaultValue}fragment TypeRef on __Type{kind name ofType{kind name ofType{kind name ofType{kind name ofType{kind name ofType{kind name ofType{kind name ofType{kind name}}}}}}}}

Tools

Challenges

Root-Me

Portswigger

Resources

Last updated on
File InclusionJSON Web Token