Edited image link to point to asset

This commit is contained in:
gsmith257-cyber 2022-07-14 12:43:35 -07:00 committed by GitHub
parent a2e8f8e2b5
commit 1828693136
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

@ -329,7 +329,7 @@ Mutation could even lead to account take over trying to modify other account dat
[Chaining queries](https://s1n1st3r.gitbook.io/theb10g/graphql-query-authentication-bypass-vuln) together can bypass a weak authentication system.
In the below example you can see that the operation is "forgotPassword" and that it should only execute the forgotPassword query associated with it. This can be bypassed by adding a query to the end, in this case we add "register" and a user variable for the system to register as a new user.
![](https://1605949182-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FuSROL4SI6SkTn8EwsIii%2Fuploads%2Fv1XrpYG9R6yTC6OsoEsW%2FauthBypass.PNG?alt=media&token=6d52ed67-6350-4765-b956-38581a97bbe2)
![](<../../.gitbook/assets/GraphQLAuthBypassMethod.png>)
## Leaked GraphQL Structures
If introspection is disabled, try looking at the website source code. The queries are often pre loaded into browser as javascript libraries. These prewritten queries can reveal powerful information about the schema and use of each object and function. The `Sources` tab of the developer tools can search all files to enumerate where the queries are saved. Sometimes even the administrator protected queries are already exposed.
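Review bot: the new image line keeps empty alt text (`![]`), while the paragraph just above it points readers to "the below example" for the forgotPassword/register chaining, so the example exists only as a picture. Consider describing it in the link, for instance `![forgotPassword operation with a register query appended](<../../.gitbook/assets/GraphQLAuthBypassMethod.png>)`, or adding the query as text beside the image. The file name also changes from authBypass.PNG to GraphQLAuthBypassMethod.png and nothing in this hunk shows the asset being added, so please confirm it is present under .gitbook/assets at that relative path.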