Alex B. (r1p) blog
  • Home
  • Author
Subscribe
Tagged

graphql

A collection of 1 post

writeup

2020 Metasploit Community CTF – Queen of Spades (port 8202) [Web]

Port 8202 hosts a web application with a single login form. Trying to login with random credentials, we observed that it calls a GraphQL API to authenticate against the remote server. With the following payload we can dump the database schema and take a look at it: {__schema{types{name,

  • r1p
r1p Dec 8, 2020 • 1 min read
Alex B. (r1p) blog © 2022
Powered by Ghost