Hacking GraphQL : Hacker101 CTF BugDB v2

Hacker 101 CTF for Beginner Level GraphQL Hacking

https://graphql.org/

Introduction

This article is in continuation of the first article that you can find here: https://0xsanz.medium.com/hacking-graphql-hacker101-ctf-bugdb-v1-b0d2365814d1

Please read that article first and then follow along.

So go ahead and start the challenge number 2 in GraphQL series from Hacker 101 CTF

Run the Introspection query again and check the schema:

Supported queries

Here we can see that allBugs is bit different then from Level 1. Let’s query allUsers:

allUsers query — 1

So we have username admin and victim.Lets query further using allBugs:

allUsers query — 2

Hmm, we have a private field and lets check if we can modify using the mutation for id 2, which might be our victim:

Mutation

And yes we modified the private field for id 2. Lets query again using Query 2 which we used above:

And we get our second Flag.

This was a simple example of using Mutation, using which we have exposed some details which were private.Again understanding the schema and formatting the queries is the key here. But if you play around long enough, you will figure it out.

Thanks for reading. Have a nice day.