How to detect GraphQL endpoint using Python


I am trying to detect a GraphQL endpoint using the Python language. I am an absolute beginner, but I have tried to write some code. Can you please suggest changes and better ways to do it? CODE:

import requests,urllib,urllib.request
import string
consoleDict = [
    "",
    "/graphql",
    "/graphql/console",
    "graphql.php",
    "graphiql",
    "explorer",
    "altair",
    "/playground"
          ]
for endpoint in consoleDict:
    ep = ' http://159.100.248.211 '
    response = requests.get(ep)
    if response.status_code in [200,403]:
        print("It is a GraphQL endpoint",endpoint)

Thank you :)

There are 1 best solutions below

Even with gql, you need the schema to ask for anything. If you don't know it, you could use an introspection query:

{
  __schema {
    types {
      name
    }
  }
}

Some endpoints might have this disabled, but if you don't know the schema it is a good starting point. Try with something like this:

import json
import requests
from urllib import parse

paths = [
    "",
    "/graphql",
    "/graphql/console",
    "graphql.php",
    "graphiql",
    "explorer",
    "altair",
    "/playground"
]

query = """{
  __schema {
    types {
      name
    }
  }
}
"""

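for path in paths:
    hostname = 'http://159.100.248.211'
    # Build the full URL for this candidate path
    endpoint = parse.urljoin(hostname, path)
    try:
        print(f"Attempt: {endpoint}")
        response = requests.post(endpoint, json={'query': query}, timeout=0.1)
    except Exception:
        # Connection error or timeout for this path
        print("No GraphQL endpoint found")
    else:
        if response.status_code == 200:
            try:
                json_data = json.loads(response.text)
            except ValueError:
                # A 200 response that is not JSON (e.g. an HTML page)
                continue
            if isinstance(json_data, dict) and json_data.get('data'):
                print("It is a GraphQL endpoint", endpoint)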

Let me know if this works
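
An added example (not part of the answer above, and not any project's own code): when auditing your own services for exposed introspection, it helps to classify the response body to the `__schema` query rather than only test for a `data` key, so that an endpoint with introspection disabled and an unrelated JSON API are told apart. The function and constant names and the sample bodies are constructed for illustration; treating an errors-only reply as "introspection refused" is a heuristic assumption.

```python
import json

ENABLED = "graphql, introspection enabled"
REFUSED = "graphql, introspection refused"
NOT_GRAPHQL = "not graphql"


def classify_introspection_response(body_text):
    """Classify the body returned for the {__schema{types{name}}} query."""
    try:
        payload = json.loads(body_text)
    except ValueError:
        return NOT_GRAPHQL            # HTML, empty body, plain text ...
    if not isinstance(payload, dict):
        return NOT_GRAPHQL            # JSON, but not a GraphQL response map

    # Introspection answered: data.__schema.types is a non-empty list.
    data = payload.get("data")
    schema = data.get("__schema") if isinstance(data, dict) else None
    types = schema.get("types") if isinstance(schema, dict) else None
    if isinstance(types, list) and types:
        return ENABLED

    # GraphQL reports failures as a non-empty "errors" list whose
    # entries each carry a "message" string (heuristic, see lead-in).
    errors = payload.get("errors")
    if (isinstance(errors, list) and errors and
            all(isinstance(e, dict) and isinstance(e.get("message"), str)
                for e in errors)):
        return REFUSED
    return NOT_GRAPHQL


# Constructed sample bodies (not captured from any real server).
SAMPLES = {
    "/graphql": '{"data": {"__schema": {"types": [{"name": "Query"}]}}}',
    "/api": '{"errors": [{"message": "introspection is disabled"}]}',
    "/": "<html><body>Welcome</body></html>",
    "/status": '{"data": "ok"}',
    "/list": "[1, 2, 3]",
}


def audit(samples):
    """Return {path: verdict} for a mapping of path -> response body."""
    return {path: classify_introspection_response(body)
            for path, body in samples.items()}


if __name__ == "__main__":
    for path, verdict in audit(SAMPLES).items():
        print(f"{path:10} {verdict}")
```

The `/status` sample shows why the shape check matters: a plain JSON API that happens to return a `data` key is not reported as GraphQL.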