Merge pull request #33 from jankoksik/main

fixed headers and added new endpoints option
dolevf · Aug 29, 2024 · b11011a · b11011a
2 parents 98da7ed + 83b6bcf
commit b11011a
Show file tree

Hide file tree

Showing 3 changed files with 373 additions and 6 deletions.
diff --git a/README.md b/README.md
@@ -58,14 +58,18 @@ Options:
                         "Bearer eyjt"}' - Use multiple -H for additional
                         Headers
   -o FORMAT, --output=FORMAT
-                        json
+                        json, html
+  -E ENDPOINT, --endpoint=ENDPOINT
+                        Append custom endpoints to the search list  - Use
+                        multiple -E for additional Endpoints to check.
   -f, --force           Forces a scan when GraphQL cannot be detected
   -d, --debug           Append a header with the test name for debugging
   -x PROXY, --proxy=PROXY
                         HTTP(S) proxy URL in the form
                         http://user:pass@host:port
   -v, --version         Print out the current version and exit.
-  -T, --tor           Enable Tor proxy
+  -T, --tor             Sends the request through the Tor network (ensure Tor
+                        is running and properly configured)
 ```
 
 Test a website

diff --git a/graphql-cop.py b/graphql-cop.py
@@ -20,15 +20,16 @@
 from lib.tests.info_get_based_mutation import get_based_mutation
 from lib.tests.info_post_based_csrf import post_based_csrf
 from lib.tests.info_unhandled_error import unhandled_error_detection
-from lib.utils import is_graphql, draw_art
+from lib.utils import is_graphql, draw_art, generate_html_output
 
 from termcolor import colored
 
 parser = OptionParser(usage='%prog -t http://example.com -o json')
 parser.add_option('-t', '--target', dest='url', help='target url with the path - if a GraphQL path is not provided, GraphQL Cop will iterate through a series of common GraphQL paths')
 parser.add_option('-H', '--header', dest='header', action='append', help='Append Header(s) to the request \'{"Authorization": "Bearer eyjt"}\' - Use multiple -H for additional Headers')
 parser.add_option('-o', '--output', dest='format',
-                        help='json', default=False)
+                        help='json, html', default=False)
+parser.add_option('-E', '--endpoint', dest='endpoint', action='append', help='Append custom endpoints to the search list  - Use multiple -E for additional Endpoints to check.')
 parser.add_option('-f', '--force', dest='forced_scan', action='store_true',
                         help='Forces a scan when GraphQL cannot be detected', default=False)
 parser.add_option('-d', '--debug', dest='debug_mode', action='store_true',
@@ -71,6 +72,10 @@
 if options.header != None:
     try:
         for l in options.header:
+            #parser deleted " sign
+            if ":" in l:
+                key, value = l.split(":", 1)
+                l = dumps({key.strip(): value.strip()})
             extra_headers = loads(l)
             HEADERS.update(extra_headers)
     except:
@@ -83,6 +88,17 @@
     url = options.url
 
 endpoints = ['/graphiql', '/playground', '/console', '/graphql']
+
+if options.endpoint != None:
+    try:
+        for e in options.endpoint:
+            #check if format /endpoint is ensured, if not ensure it yourself
+            if not e.startswith("/"):
+                e = "/"+e
+            endpoints.append(e)
+    except:
+         print("Cannot cast %s into endpoints list."%(options.header))
+
 paths = []
 parsed = urlparse(url)
 
@@ -106,14 +122,20 @@
             print(path, 'does not seem to be running GraphQL. (Consider using -f to force the scan if GraphQL does exist on the endpoint)')
             continue
         else:
-            print('Running a forced scan against the endpoint')
+            print(f'Running a forced scan against the endpoint /{path.split("/")[-1]}')
     for test in tests:
-        json_output.append(test(path, proxy, HEADERS, options.debug_mode))
+        try: #force param is cousing output to crash if no graphql detected
+            json_output.append(test(path, proxy, HEADERS, options.debug_mode))
+        except:
+            pass
+
 
 json_output = sorted(json_output, key=lambda d: d['title']) 
 
 if options.format == 'json':
     print(dumps(json_output))
+elif options.format == "html":
+    generate_html_output("https://github.com/dolevf/graphql-cop/blob/main/static/images/logo.png?raw=true", "./", json_output, paths)
 else:
     for i in json_output:
         if i['result']: