From d9764b5d4f8384291978b9cb21a8b00b01afe7a9 Mon Sep 17 00:00:00 2001
From: dolevf
Date: Sat, 27 Aug 2022 16:30:31 -0400
Subject: [PATCH] add new sigs
---
 README.md | 2 ++
 graphw00f/helpers.py | 14 +++++++++++++-
 graphw00f/lib.py | 41 +++++++++++++++++++++++++++++++++++++++--
 version.py | 2 +-
 4 files changed, 55 insertions(+), 4 deletions(-)
diff --git a/README.md b/README.md
index 85b733f..febd28b 100644
--- a/README.md
+++ b/README.md
@@ -59,6 +59,8 @@ graphw00f currently attempts to discover the following GraphQL engines:
 * Agoo - Ruby
 * Mercurius - JavaScript
 * morpheus-graphql - Haskell
+* Lacinia - Clojure
+* Caliban - Scala
 # GraphQL Threat Matrix
 The graphw00f project uses the [GraphQL Threat Matrix Project](https://github.com/nicholasaleks/graphql-threat-matrix/) as its technology security matrix database. When graphw00f successfully fingerprints a GraphQL endpoint, it will print out the threat matrix document. This document helps security engineers to identify how mature the technology is, what security features it offers, and whether it contains any CVEs.
diff --git a/graphw00f/helpers.py b/graphw00f/helpers.py
index 2101362..96de877 100644
--- a/graphw00f/helpers.py
+++ b/graphw00f/helpers.py
@@ -235,8 +235,20 @@ def get_engines():
 'morpheus-graphql':{
 'name':'morpheus-graphql',
 'url':'https://github.com/morpheusgraphql/morpheus-graphql',
- 'ref':'https://github.com/nicholasaleks/graphql-threat-matrix/blob/master/implementations/morpheus-graphql',
+ 'ref':'https://github.com/nicholasaleks/graphql-threat-matrix/blob/master/implementations/morpheus-graphql.md',
 'technology':['Haskell']
+ },
+ 'lacinia':{
+ 'name':'lacinia',
+ 'url':'https://github.com/walmartlabs/lacinia',
+ 'ref':'https://github.com/nicholasaleks/graphql-threat-matrix/blob/master/implementations/lacinia.md',
+ 'technology':['Clojure']
+ },
+ 'caliban':{
+ 'name':'caliban',
+ 'url':'https://github.com/ghostdogpr/caliban',
+ 'ref':'https://github.com/nicholasaleks/graphql-threat-matrix/blob/master/implementations/caliban.md',
+ 'technology':['Scala']
 }
 }
diff --git a/graphw00f/lib.py b/graphw00f/lib.py
index 4b94669..699958c 100644
--- a/graphw00f/lib.py
+++ b/graphw00f/lib.py
@@ -43,6 +43,10 @@ def execute(self, url):
 self.url = url
 if self.engine_lighthouse():
 return 'lighthouse'
+ elif self.engine_caliban():
+ return 'caliban'
+ elif self.engine_lacinia():
+ return 'lacinia'
 elif self.engine_morpheus():
 return 'morpheus-graphql'
 elif self.engine_mercurius():
@@ -433,7 +437,7 @@ def engine_graphqlgo(self):
 '''
 response = self.graph_query(self.url, payload=query)
 try:
- if response['data']['__typename'] == 'RootQuery':
+ if response['data'] != None and response['data']['__typename'] == 'RootQuery':
 return True
 except KeyError:
 pass
@@ -611,7 +615,7 @@ def engine_mercurius(self):
 return False
 def engine_morpheus(self):
- query = ''''
+ query = '''
 queryy {
 __typename
 }
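Review bot: In `engine_graphqlgo` (graphw00f/lib.py) the new `response['data'] != None` guard covers only a null `data`. If `response` itself is not a dict, or `data` is a list or string, the line still raises `TypeError`, which the `except KeyError:` below does not catch. The reply comes from a remote endpoint the tool does not control, so I would widen the handler to `except (KeyError, TypeError):` and write the guard as `response['data'] is not None`. The function starts and ends outside this hunk, so the rest of the `try` block is not visible here.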
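Review bot: The misspelled `queryy` keyword in `engine_morpheus` (graphw00f/lib.py) has no comment, and next to a fix for a stray quote it reads like a second typo. It looks like a deliberately malformed operation meant to provoke a parser error, but the code that inspects the response is outside this hunk, so that is an inference. If it is intentional, a line such as `# 'queryy' is intentionally invalid; the check relies on the resulting parser error` above the assignment would keep a later cleanup from breaking the check.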
@@ -623,3 +627,36 @@ def engine_morpheus(self):
 return False
+ def engine_lacinia(self):
+ query = '''
+ query {
+ graphw00f
+ }
+ '''
+
+ response = self.graph_query(self.url, payload=query)
+
+ if error_contains(response, 'Cannot query field `graphw00f\' on type `QueryRoot\'.'):
+ return True
+
+ return False
+
+ def engine_caliban(self):
+ query = '''
+ query {
+ __typename
+ }
+
+ fragment woof on __Schema {
+ directives {
+ name
+ }
+ }
+ '''
+
+ response = self.graph_query(self.url, payload=query)
+
+ if error_contains(response, 'Fragment \'woof\' is not used in any spread'):
+ return True
+
+ return False
diff --git a/version.py b/version.py
index 9d04529..6ab018f 100644
--- a/version.py
+++ b/version.py
@@ -1 +1 @@
-VERSION = '1.1.5'
+VERSION = '1.1.7'
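Review bot: `engine_lacinia` and `engine_caliban` (graphw00f/lib.py) match server error text verbatim but have no docstring recording which engine version each string was captured from, so a reworded message upstream would turn the check into a silent false negative with nothing to compare against. The Lacinia literal also hard-codes the root type name `QueryRoot`, which presumably matches only schemas that use that name. I would give each method a one-line docstring such as `"""Return True if the error text matches Lacinia's unknown-field message (captured from <version>)."""`, and write the Caliban literal as `"Fragment 'woof' is not used in any spread"` to drop the backslash escapes.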