Help | All Things Cyber

This post documents my process for solving the Help box on Hack The Box. This box involves GraphQL enumeration, credential dumping, hash cracking, and classic web application enumeration and exploitation. Recon Initial nmap scan: nmap -sC -sV -oA nmap/help <IP> Found GraphQL running on port 3000. GraphQL Enumeration Referred to PayloadsAllTheThings - GraphQL Injection to start enumeration. Discovered GraphQL types via introspection: http://10.10.10.121:3000/graphql?query={__schema{types{name}}} Full schema dump and queries revealed a user type with username and password fields. ...