Web - Server

Tuesday 24 November 2020, 11:06  #1
Web - Server GraphQL
Vu Hai Dang
Vu Hai Dang
  • 7 posts

Hi everyone, I get stuck in this chall because the result of my GraphQL query is forbidden(since I’m not admin). Do the jwt in Authorization header need considering ? Thanks in advance

Tuesday 24 November 2020, 11:11  #2
Web - Server GraphQL
grillette
grillette
  • 28 posts

Hi,
No it does not. The chall name give a pretty good hint on what’s important in this challenge. You should focus on this point.
Good luck !

Thursday 3 December 2020, 10:41  #3
Web - Server GraphQL
Vu Hai Dang
Vu Hai Dang
  • 7 posts

I intended to pass this challenge before thank you but I couldn’t :( Based on your reply I focused more and more to graphQL, I revealed all the introspection system and used https://apis.guru/graphql-voyager/ to beautify it, but all the response when I tried to retrieve the flag was still NULL. I’m so stressful right now can you give me some more hints? Thanks in advance

Thursday 3 December 2020, 11:32  #4
Web - Server GraphQL
Vu Hai Dang
Vu Hai Dang
  • 7 posts

I tried all the rootMutation too and got nothing

Thursday 3 December 2020, 11:40  #5
Web - Server GraphQL
Vu Hai Dang
Vu Hai Dang
  • 7 posts

Oh nevermind I solved it. Again thank you very much. Appreciate your help

Thursday 3 December 2020, 18:08  #6
Web - Server GraphQL
grillette
grillette
  • 28 posts

You’re welcome ! :)
Well played

Sunday 6 December 2020, 01:18  #7
[CLOSED] Web - Server GraphQL
Th1b4ud
Th1b4ud
  • 1636 posts

Great job. Thanks @grillette for the help