def getUiComponent(self):
"""
Override ITab method
:return: Tab UI Component
"""
overrideheaders = {}
repeater_sender = RepeaterSenderAction(callbacks=self._callbacks,
helpers=self._helpers,
text="Send to Repeater",
overrideheaders=overrideheaders)
custom_header_setter = CustomHeaderSetterAction(
overrideheaders=overrideheaders, text="Set Custom Header")
try:
restore = self._callbacks.loadExtensionSetting(
GraphQLPanel.__name__)
except Exception as ex:
print("Cannot restore state! %s" % ex)
restore = None
proxy = None
for request_listener in json.loads(self._callbacks.saveConfigAsJson()
)["proxy"]["request_listeners"]:
if request_listener["running"]:
proxy = "localhost:%s" % request_listener["listener_port"]
break
self.panel = GraphQLPanel(
actions=[repeater_sender, custom_header_setter],
restore=restore,
proxy=proxy)
self._callbacks.customizeUiComponent(self.panel.this)
return self.panel.this
class GraphQLTab(ITab):
"""
Java GUI
"""
def __init__(self, callbacks, helpers):
self._callbacks = callbacks
self._helpers = helpers
def getTabCaption(self):
"""
Override ITab method
:return: tab name
"""
return "InQL Scanner"
def getUiComponent(self):
"""
Override ITab method
:return: Tab UI Component
"""
overrideheaders = {}
repeater_sender = RepeaterSenderAction(callbacks=self._callbacks,
helpers=self._helpers,
text="Send to Repeater",
overrideheaders=overrideheaders)
custom_header_setter = CustomHeaderSetterAction(
overrideheaders=overrideheaders, text="Set Custom Header")
try:
restore = self._callbacks.loadExtensionSetting(
GraphQLPanel.__name__)
except Exception as ex:
print("Cannot restore state! %s" % ex)
restore = None
proxy = None
for request_listener in json.loads(self._callbacks.saveConfigAsJson()
)["proxy"]["request_listeners"]:
if request_listener["running"]:
proxy = "localhost:%s" % request_listener["listener_port"]
break
self.panel = GraphQLPanel(
actions=[repeater_sender, custom_header_setter],
restore=restore,
proxy=proxy)
self._callbacks.customizeUiComponent(self.panel.this)
return self.panel.this
def save(self):
"""
Save Extension State before exiting
:return: None
"""
try:
self._callbacks.saveExtensionSetting(self.panel.__class__.__name__,
self.panel.state())
except:
print("Cannot save state!")
def getUiComponent(self):
"""
Override ITab method
:return: Tab UI Component
"""
overrideheaders = {}
repeater_omnimenu = OmniMenuItem(callbacks=self._callbacks,
helpers=self._helpers,
text="Send to Repeater")
graphiql_omnimenu = OmniMenuItem(callbacks=self._callbacks,
helpers=self._helpers,
text="Send to GraphiQL")
http_mutator = EnhancedHTTPMutator(callbacks=self._callbacks,
helpers=self._helpers,
overrideheaders=overrideheaders)
repeater_sender = RepeaterSenderAction(omnimenu=repeater_omnimenu,
http_mutator=http_mutator)
graphiql_sender = GraphiQLSenderAction(omnimenu=graphiql_omnimenu,
http_mutator=http_mutator)
custom_header_setter = CustomHeaderSetterAction(
overrideheaders=overrideheaders, text="Set Custom Header")
try:
restore = self._callbacks.loadExtensionSetting(
GraphQLPanel.__name__)
except Exception as ex:
print("Cannot restore state! %s" % ex)
restore = None
proxy = None
for request_listener in json.loads(self._callbacks.saveConfigAsJson()
)["proxy"]["request_listeners"]:
if request_listener["running"]:
proxy = "localhost:%s" % request_listener["listener_port"]
break
self.panel = GraphQLPanel(
actions=[repeater_sender, graphiql_sender, custom_header_setter],
restore=restore,
proxy=proxy,
http_mutator=http_mutator,
texteditor_factory=self._callbacks.createTextEditor)
self._callbacks.customizeUiComponent(self.panel.this)
return self.panel.this
def getUiComponent(self):
"""
Override ITab method
:return: Tab UI Component
"""
overrideheaders = {}
repeater_sender = RepeaterSenderAction(callbacks=self._callbacks,
helpers=self._helpers,
text="Send to Repeater",
overrideheaders=overrideheaders)
custom_header_setter = CustomHeaderSetterAction(
overrideheaders=overrideheaders, text="Set Custom Header")
try:
restore = self._callbacks.loadExtensionSetting(
GraphQLPanel.__name__)
except Exception as ex:
print("Cannot restore state! %s" % ex)
restore = None
self.panel = GraphQLPanel(
actions=[repeater_sender, custom_header_setter], restore=restore)
self._callbacks.customizeUiComponent(self.panel.this)
return self.panel.this
def main():
"""
Query a GraphQL endpoint with introspection in order to retrieve the documentation of all the Queries, Mutations & Subscriptions.
It will also generate Queries, Mutations & Subscriptions templates (with optional placeholders) for all the known types.
:return:
none
"""
# Args parser definition
# -----------------------
parser = argparse.ArgumentParser(prog="inql", description="InQL Scanner")
if platform.system() == "Java":
parser.add_argument(
"--nogui",
default=False,
dest="nogui",
action="store_true",
help="Start InQL Without Standalone GUI [Jython-only]")
parser.add_argument(
"-t",
default=None,
dest="target",
help="Remote GraphQL Endpoint (https://<Target_IP>/graphql)")
parser.add_argument("-f",
dest="schema_json_file",
default=None,
help="Schema file in JSON format")
parser.add_argument("-k", dest="key", help="API Authentication Key")
parser.add_argument(
'-p',
dest="proxy",
default=None,
help='IP of web proxy to go through (http://127.0.0.1:8080)')
parser.add_argument('--header', dest="headers", nargs=2, action='append')
parser.add_argument(
"-d",
dest="detect",
action='store_true',
default=False,
help=
"Replace known GraphQL arguments types with placeholder values (useful for Burp Suite)"
)
parser.add_argument("--generate-html",
dest="generate_html",
action='store_true',
default=True,
help="Generate HTML Documentation")
parser.add_argument("--generate-schema",
dest="generate_schema",
action='store_true',
default=True,
help="Generate JSON Schema Documentation")
parser.add_argument("--generate-queries",
dest="generate_queries",
action='store_true',
default=True,
help="Generate Queries")
parser.add_argument("--insecure",
dest="insecure_certificate",
action="store_true",
help="Accept any SSL/TLS certificate")
parser.add_argument("-o",
dest="output_directory",
default=os.getcwd(),
help="Output Directory")
args = parser.parse_args()
# -----------------------
args.requests = {}
args.stub_responses = {}
mkdir_p(args.output_directory)
os.chdir(args.output_directory)
if platform.system() == "Java" and args.nogui is not True:
from inql.widgets.tab import GraphQLPanel
from inql.actions.sendto import SimpleMenuItem, EnhancedHTTPMutator, GraphiQLSenderAction
from inql.actions.setcustomheader import CustomHeaderSetterAction
overrideheaders = {}
graphiql_omnimenu = SimpleMenuItem(text="Send to GraphiQL")
http_mutator = EnhancedHTTPMutator(requests=args.requests,
stub_responses=args.stub_responses,
overrideheaders=overrideheaders)
graphiql_sender = GraphiQLSenderAction(omnimenu=graphiql_omnimenu,
http_mutator=http_mutator)
custom_header_setter = CustomHeaderSetterAction(
overrideheaders=overrideheaders, text="Set Custom Header")
cfg = [['Proxy', args.proxy], ['Authorization Key', args.key],
['Load Placeholders', args.detect],
['Generate HTML DOC', args.generate_html],
['Generate Schema DOC', args.generate_schema],
['Generate Stub Queries', args.generate_queries],
['Accept Invalid SSL Certificate', args.insecure_certificate]]
return GraphQLPanel(actions=[custom_header_setter, graphiql_sender],
restore=json.dumps({'config': cfg}),
http_mutator=None,
requests=args.requests,
stub_responses=args.stub_responses).app()
else:
return init(args, lambda: parser.print_help())
class GraphQLTab(ITab):
"""
Java GUI
"""
def __init__(self, callbacks, helpers):
self._callbacks = callbacks
self._helpers = helpers
def getTabCaption(self):
"""
Override ITab method
:return: tab name
"""
return "InQL Scanner"
def getUiComponent(self):
"""
Override ITab method
:return: Tab UI Component
"""
overrideheaders = {}
repeater_omnimenu = OmniMenuItem(callbacks=self._callbacks,
helpers=self._helpers,
text="Send to Repeater")
graphiql_omnimenu = OmniMenuItem(callbacks=self._callbacks,
helpers=self._helpers,
text="Send to GraphiQL")
http_mutator = EnhancedHTTPMutator(callbacks=self._callbacks,
helpers=self._helpers,
overrideheaders=overrideheaders)
repeater_sender = RepeaterSenderAction(omnimenu=repeater_omnimenu,
http_mutator=http_mutator)
graphiql_sender = GraphiQLSenderAction(omnimenu=graphiql_omnimenu,
http_mutator=http_mutator)
custom_header_setter = CustomHeaderSetterAction(
overrideheaders=overrideheaders, text="Set Custom Header")
try:
restore = self._callbacks.loadExtensionSetting(
GraphQLPanel.__name__)
except Exception as ex:
print("Cannot restore state! %s" % ex)
restore = None
proxy = None
for request_listener in json.loads(self._callbacks.saveConfigAsJson()
)["proxy"]["request_listeners"]:
if request_listener["running"]:
proxy = "localhost:%s" % request_listener["listener_port"]
break
self.panel = GraphQLPanel(
actions=[repeater_sender, graphiql_sender, custom_header_setter],
restore=restore,
proxy=proxy,
http_mutator=http_mutator,
texteditor_factory=self._callbacks.createTextEditor)
self._callbacks.customizeUiComponent(self.panel.this)
return self.panel.this
def bring_in_front(self):
self.panel.this.setAlwaysOnTop(True)
self.panel.this.setAlwaysOnTop(False)
def save(self):
"""
Save Extension State before exiting
:return: None
"""
try:
self._callbacks.saveExtensionSetting(self.panel.__class__.__name__,
self.panel.state())
except:
print("Cannot save state!")