search

snoopysecurity / dvws-node

Damn Vulnerable Web Services is a vulnerable application with a web service and an API that can be used to learn about webservices/API related vulnerabilities.
GNU General Public License v3.0
442 stars 173 forks source link

GraphQL queries: Missing JWT Admin Auth Token #34

Closed nos111 closed 1 year ago

nos111 commented 2 years ago

Everytime I run one of the graphql queries I get the following error:

{ "errors": [ { "message": "Missing JWT Admin Auth Token", "locations": [ { "line": 2, "column": 3 } ], "path": [ "updateUserUploadFile" ], "extensions": { "code": "INTERNAL_SERVER_ERROR", "exception": { "stacktrace": [ "Error: Missing JWT Admin Auth Token", " at Object.updateUserUploadFile (/home/dvws-node/graphql/schema.js:121:17)", " at field.resolve (/home/dvws-node/node_modules/apollo-server-core/dist/utils/schemaInstrumentation.js:56:26)", " at executeField (/home/dvws-node/node_modules/graphql/execution/execute.js:481:20)", " at /home/dvws-node/node_modules/graphql/execution/execute.js:377:22", " at promiseReduce (/home/dvws-node/node_modules/graphql/jsutils/promiseReduce.js:23:9)", " at executeFieldsSerially (/home/dvws-node/node_modules/graphql/execution/execute.js:373:43)", " at executeOperation (/home/dvws-node/node_modules/graphql/execution/execute.js:347:14)", " at execute (/home/dvws-node/node_modules/graphql/execution/execute.js:136:20)", " at execute (/home/dvws-node/node_modules/apollo-server-core/dist/requestPipeline.js:205:48)", " at processGraphQLRequest (/home/dvws-node/node_modules/apollo-server-core/dist/requestPipeline.js:148:34)", " at processTicksAndRejections (node:internal/process/task_queues:96:5)", " at async processHTTPRequest (/home/dvws-node/node_modules/apollo-server-core/dist/runHttpQuery.js:220:30)" ] } } } ], "data": { "updateUserUploadFile": null } }

Query: mutation { updateUserUploadFile(filePath: "../../../../../../tmp/test.txt",fileContent:"foo") { filePath, fileContent } }

I think there must be some way to add an admin token but I couldn't find it.

snoopysecurity commented 2 years ago

Hey, the GraphQL API will ask for an admin token, but any user token can be provided to run this query.

So you can 1) create a new user through the application 2) The application will give you a JWT token, e.g. Authorization: Bearer 3) Now when sending the request to the GraphQL API, you can provide this token to bypass the authentication requirement

snoopysecurity commented 1 year ago

Closing due to inactivity