Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

Burpsuite Enterprise Graphql Query

Burpsuite | Last updated: Oct 28, 2022 07:26AM UTC

Hello, I am trying to create a new scan configuration via GraphQL API. The graphql has no error but I am getting one still. Query : mutation CreateScanConfiguration { create_scan_configuration( input: { name: "new scan config" scan_configuration_fragment_json: "{"crawler":{"crawl_optimization":{"crawl_strategy":"fastest"}}}" } ) { scan_configuration { name scan_configuration_fragment_json } } } Error : {'errors': [{'message': 'Invalid Syntax : offending token \'":{"\' at line 6 column 51', 'extensions': {'code': 77}}]}

Alex, PortSwigger Agent | Last updated: Oct 28, 2022 08:54AM UTC

Hi, Thanks for your post. The "scan_configuration_fragment_json" field is JSON nested in a string so the quotes will need escaping, can you try the following: mutation CreateScanConfiguration { create_scan_configuration( input: { name: "new scan config" scan_configuration_fragment_json: "{\"crawler\":{\"crawl_optimization\":{\"crawl_strategy\":\"fastest\"}}}" } ) { scan_configuration { name scan_configuration_fragment_json } } } Best regards,

Burpsuite | Last updated: Oct 29, 2022 05:23PM UTC

That is the query I am running. Still the same error. Here is my code. def test_new_config(): NEW_CONFIG = """ mutation CreateScanConfiguration { create_scan_configuration( input: { name: "new scan config" scan_configuration_fragment_json: "{\"crawler\":{\"crawl_optimization\":{\"crawl_strategy\":\"fastest\"}}}" } ) { scan_configuration { name scan_configuration_fragment_json } } } """ print(NEW_CONFIG) test = burpsuite.run_query(NEW_CONFIG) print(test)

Burpsuite | Last updated: Oct 29, 2022 05:26PM UTC

Here is the output mutation CreateScanConfiguration { create_scan_configuration( input: { name: "new scan config" scan_configuration_fragment_json: "{"crawler":{"crawl_optimization":{"crawl_strategy":"fastest"}}}" } ) { scan_configuration { name scan_configuration_fragment_json } } } {'errors': [{'message': 'Invalid Syntax : offending token \'":{"\' at line 6 column 45', 'extensions': {'code': 77}}]}

Alex, PortSwigger Agent | Last updated: Nov 01, 2022 10:07AM UTC

Hi, If you are running this through Python you may have to use a double backslash to escape. Best regards,

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.