utils.py

#!/usr/bin/python
import argparse
import json

import requests

cmdlist = ["exit", "help", "dump_old", "dump_new", "postgresqli", "mysqli", "mssqli", "nosqli", "mutation", "edges",
           "node", "$regex", "$ne", "__schema"]


def auto_completer(text, state):
    options = [x for x in cmdlist if x.startswith(text)]
    try:
        return options[state]
    except IndexError:
        return None


def jq(data):
    return json.dumps(data, indent=4, sort_keys=True)


def requester(url, method, payload, headers=None):
    if method == "POST":
        data = {
            "query": payload.replace("+", " ")
        }
        r = requests.post(url, data=data, verify=False, headers=headers)
        if r.status_code == 500:
            print("\033[91m/!\ API didn't respond correctly to a POST method !\033[0m")
            return None
    else:
        r = requests.get(url + "?query={}".format(payload), verify=False)
    return r


def parse_args():
    parser = argparse.ArgumentParser()
    parser.add_argument('-u', action='store', dest='url', help="URL to query : example.com/graphql?query={}")
    parser.add_argument('-v', action='store', dest='verbosity', help="Enable verbosity", nargs='?', const=True)
    parser.add_argument('--method', action='store', dest='method',
                        help="HTTP Method to use interact with /graphql endpoint", nargs='?', const=True, default="GET")
    parser.add_argument('--headers', action='store', dest='headers', help="HTTP Headers sent to /graphql endpoint",
                        nargs='?', const=True, type=str)
    results = parser.parse_args()
    if results.url is None:
        parser.print_help()
        exit()
    return results


def display_help():
    print("[+] \033[92mdump_old    \033[0m: dump GraphQL schema (fragment+FullType)")
    print("[+] \033[92mdump_new    \033[0m: dump GraphQL schema (IntrospectionQuery)")
    print("[+] \033[92mnosqli      \033[0m: exploit a nosql injection inside a GraphQL query")
    print("[+] \033[92mpostgresqli \033[0m: exploit a sql injection inside a GraphQL query")
    print("[+] \033[92mysqli       \033[0m: exploit a sql injection inside a GraphQL query")
    print("[+] \033[92mssqli       \033[0m: exploit a sql injection inside a GraphQL query")
    print("[+] \033[92mexit        \033[0m: gracefully exit the application")