CERBERUS/sqlmap
1
0
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2026-06-28 04:20:58 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Adding support for GraphQL (--graphql)

Browse source
This commit is contained in:
Miroslav Štampar 2026-06-27 19:23:30 +02:00
parent 2893fd5c4d
commit f6912fc921
11 changed files with 2207 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

8
lib/controller/checks.py
View file

@ -79,6 +79,7 @@ from lib.core.settings import DEFAULT_GET_POST_DELIMITER
from lib.core.settings import DUMMY_NON_SQLI_CHECK_APPENDIX
from lib.core.settings import FI_ERROR_REGEX
from lib.core.settings import FORMAT_EXCEPTION_STRINGS
from lib.core.settings import GRAPHQL_ERROR_REGEX
from lib.core.settings import HEURISTIC_CHECK_ALPHABET
from lib.core.settings import INFERENCE_EQUALS_CHAR
from lib.core.settings import IPS_WAF_CHECK_PAYLOAD
@ -1178,6 +1179,13 @@ def heuristicCheckSqlInjection(place, parameter):
if conf.beep:
beep()
if not conf.graphql and re.search(GRAPHQL_ERROR_REGEX, page or ""):
infoMsg = "heuristic (GraphQL) test shows that %sparameter '%s' appears to be a GraphQL endpoint (rerun with switch '--graphql')" % ("%s " % paramType if paramType != parameter else "", parameter)
logger.info(infoMsg)
if conf.beep:
beep()
kb.disableHtmlDecoding = False
kb.heuristicMode = False