Nytro Posted March 20, 2022 Report Posted March 20, 2022 Damn Vulnerable GraphQL Application Damn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security. Table of Contents About DVGA Operation Modes Scenarios Prerequisites Installation Installation - Docker Installation - Docker Registry Installation - Server Screenshots Maintainers Contributors Mentions Disclaimer License About DVGA Damn Vulnerable GraphQL is a deliberately weak and insecure implementation of GraphQL that provides a safe environment to attack a GraphQL application, allowing developers and IT professionals to test for vulnerabilities. DVGA has numerous flaws, such as Injections, Code Executions, Bypasses, Denial of Service, and more. See the full list under the Scenarios section. Operation Modes DVGA supports Beginner and Expert level game modes, which will change the exploitation difficulty. Scenarios Reconnaissance Discovering GraphQL Fingerprinting GraphQL Denial of Service Batch Query Attack Deep Recursion Query Attack Resource Intensive Query Attack Field Duplication Attack Aliases based Attack Information Disclosure GraphQL Introspection GraphiQL Interface GraphQL Field Suggestions Server Side Request Forgery Code Execution OS Command Injection #1 OS Command Injection #2 Injection Stored Cross Site Scripting Log spoofing / Log Injection HTML Injection Authorization Bypass GraphQL Interface Protection Bypass GraphQL Query Deny List Bypass Miscellaneous GraphQL Query Weak Password Protection Arbitrary File Write // Path Traversal Prerequisites The following Python3 libraries are required: Python3 (3.6+) Flask Flask-SQLAlchemy Graphene Graphene-SQLAlchemy See requirements.txt for dependencies. Installation Docker Clone the repository git clone git@github.com:dolevf/Damn-Vulnerable-GraphQL-Application.git && cd Damn-Vulnerable-GraphQL-Application Build the Docker image docker build -t dvga . Create a container from the image docker run -t -p 5013:5013 -e WEB_HOST=0.0.0.0 dvga In your browser, navigate to http://localhost:5013 Note: if you need the application to bind on a specific port (e.g. 8080), use -e WEB_PORT=8080. Docker Registry Pull the docker image from Docker Hub docker pull dolevf/dvga Create a container from the image docker run -t -p 5013:5013 -e WEB_HOST=0.0.0.0 dolevf/dvga In your browser, navigate to http://localhost:5013 Server Navigate to /opt cd /opt/ Clone the repository git clone git@github.com:dolevf/Damn-Vulnerable-GraphQL-Application.git && cd Damn-Vulnerable-GraphQL-Application Install Requirements pip3 install -r requirements.txt Run application python3 app.py In your browser, navigate to http://localhost:5013. Screenshots Maintainers Dolev Farhi Connor McKinnon Contributors A big Thank You to the kind people who helped make DVGA better: Halfluke Mentions OWASP Vulnerable Web Applications Directory GraphQL Weekly DZone API Security Weekly KitPloit tl;dr sec #72 Intigriti Blog STÖK - Bounty Thursdays #26 Brakeing Security 2021-007 Yes We Hack - How to Exploit GraphQL GraphQL Editor GraphQL Hacking (Portuguese) InQL GraphQL Scanner Demo H4ck3d - Security Conference 2021 (Spanish) Christina Hasternath - GraphQLConf 2021 Hacking APIs (Ch14) by Corey Ball - No Starch Press Hacking Simplified Part #1 Hacking Simplified Part #2 Disclaimer DVGA is highly insecure, and as such, should not be deployed on internet facing servers. By default, the application is listening on 127.0.0.1 to avoid misconfigurations. DVGA is intentionally flawed and vulnerable, as such, it comes with no warranties. By using DVGA, you take full responsibility for using it. License It is distributed under the MIT License. See LICENSE for more information. Sursa: https://github.com/dolevf/Damn-Vulnerable-GraphQL-Application Quote
