Scribd
Upload
10 views2 pages

Other Script6

Uploaded by

panaghiotidismatthieu
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
10 views2 pages

Other Script6

Uploaded by

panaghiotidismatthieu
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd

#!

/usr/bin/env python3

try:
import readline
except ImportError:
import pyreadline as readline

from attacks import *


import urllib3

urllib3.disable_warnings([Link])

class GraphQLmap(object):
author = "@pentest_swissky"
version = "1.0"
endpoint = "graphql"
method = "POST"
args = None
url = None
headers = None
use_json = False

def __init__(self, args_graphql):


print(" _____ _ ____ _
")
print(" / ____| | | / __ \| |
")
print(" | | __ _ __ __ _ _ __ | |__ | | | | | _ __ ___ __ _ _ __
")
print(" | | |_ | '__/ _` | '_ \| '_ \| | | | | | '_ ` _ \ / _` | '_ \
")
print(" | |__| | | | (_| | |_) | | | | |__| | |____| | | | | | (_| | |_)
|")
print(" \_____|_| \__,_| .__/|_| |_|\___\_\______|_| |_| |_|\__,_| .__/
")
print(" | | | |
")
print(" |_| |_|
")
print(" " * 30, end="")
print(
f"\033[1mAuthor\033[0m: {[Link]} \033[1mVersion\033[0m:
{[Link]} "
)
[Link] = args_graphql
[Link] = args_graphql.url
[Link] = args_graphql.method
[Link] = (
None if not args_graphql.headers else [Link](args_graphql.headers)
)
self.use_json = True if args_graphql.use_json else False

while True:
query = input("GraphQLmap > ")
[Link](query)
if query == "exit" or query == "q":
exit()
elif query == "help":
display_help()

elif query == "debug":


display_types([Link], [Link], [Link], self.use_json)

elif query == "dump_new":


dump_schema([Link], [Link], 15, [Link], self.use_json)

elif query == "dump_old":


dump_schema([Link], [Link], 14, [Link], self.use_json)

elif query == "nosqli":


blind_nosql([Link], [Link], [Link], self.use_json)

elif query == "postgresqli":


blind_postgresql([Link], [Link], [Link],
self.use_json)

elif query == "mysqli":


blind_mysql([Link], [Link], [Link], self.use_json)

elif query == "mssqli":


blind_mssql([Link], [Link], [Link], self.use_json)

else:
exec_advanced(
args_graphql.url, [Link], query, [Link],
self.use_json
)

if __name__ == "__main__":
readline.set_completer(auto_completer)
readline.parse_and_bind("tab: complete")
args = parse_args()
GraphQLmap(args)

You might also like