- CTF Name: BugDB v2
- Resource: Hacker101 CTF
- Difficulty: Easy
- Number of Flags: 1
Note::: NO, I won't be posting my found FLAGS, but I will be posting the methods I used.
- What has changed since last version?
- What do the queries tell you?
- Have you tried a mutation?
- Acquired By:
- This starts out the same a v1 so I first wanted to just poke around again and see if the same queries would work. The final script from the last challenge didn't work but working backwards from the errors I did get some information to show. This allowed me to see that there was an "admin" and "victim" user but how to exploit this?
- Now I wanted to play with the Bugs reports as I am guessing that that is where the flag is again. After some relocating of the "allBugs" query I noticed that it was missing a report from the victim. I bet it is set to private so how do I get it?
- Based on the third hint I need to learn more about GraphQL mutations. Mutations involve its own query where you mutate the Bugs private field. This will involve a mutation function that will change the private field to false and then re-running the previous query to view all the bug texts.
I learned a bit more about GraphQL and manipulating them but I have a gap as to the practical application of this. I am venturing to guess that because of the nature of GraphQL to give a LOT of information that it is a matter of manipulating the shown image blindly (or based off a known user) to find information that might be there but not directly viewable, yet.