xxe – Page 5 – WindowsTechs.com

Attack path alternatives for XXE

Posted on June 7, 2018 by staticFlow

I’ve found a blind Xml External Entity (XXE) attack against a SAML infrastructure while on a client engagement but it has been giving me fits trying to exploit it earlier. I can construct a simple XXE:
<?xml version="1.0" … Continue reading Attack path alternatives for XXE→

Why isn’t XXE part of Injection in the OWASP Top 10?

Posted on May 12, 2018 by user2352164

I’m trying to explain to myself why XXE doesn’t fall under the Injection category, as it is a form of XML injection.

XML External Entity is an attack that manipulates the XML parser/interpreter, to achieve information disclo… Continue reading Why isn’t XXE part of Injection in the OWASP Top 10?→

XXEinjector – Automatic XXE Injection Tool For Exploitation

Posted on May 5, 2018 by Darknet

XXEinjector is a Ruby-based XXE Injection Tool that automates retrieving files using direct and out of band methods. Directory listing only works in Java applications and the brute forcing method needs to be used for other applications.

Usage of XXEin… Continue reading XXEinjector – Automatic XXE Injection Tool For Exploitation→

How to exploit DVWS /XXE?

Posted on March 11, 2018 by tryingtobreakin

Could anybody please show me the light how to use DVWS/XXE.

https://github.com/snoopysecurity/dvws

This basically prompts me to enter my name and then which is surrounded by tags and then prints it to the screen, but no pa… Continue reading How to exploit DVWS /XXE?→

Can an XXE attack be carried out from within an docx file?

Posted on March 8, 2018 by Tarek Mohamed

Is XXE possible in a file upload with .docx files?

Continue reading Can an XXE attack be carried out from within an docx file?→

Is there any tool to test XXE attack?

Posted on March 4, 2018 by MR_R0B07

XML External Entity (XXE) Processing

https://www.owasp.org/index.php/XML_External_Entity_(XXE)_Processing

Is there any automatic and semi automatic tool to test XXE vulnerability on Web Applications?

I need a list of tools… Continue reading Is there any tool to test XXE attack?→

Example of Insecure DTD Processing in XmlSchema.Read

Posted on February 18, 2018 by Who Knows

According to https://msdn.microsoft.com/en-us/library/mt661872.aspx and https://github.com/dotnet/roslyn-analyzers/issues/563 the code below is vulnerable to DTD expansion attack:

var src = “?payload?”;
TextReader… Continue reading Example of Insecure DTD Processing in XmlSchema.Read→

Trying to exploit XXE with OOB technique, got DOMDocument::loadXML(): Invalid URI error

Posted on January 19, 2018 by daisy

I’m following this article. The environment is CentOS6 + PHP 5.3.3 (cli)

In /var/www/html/xxe.php I have a simple vulnerable PHP file

<?php
$xml = <<<XML
<?xml version=”1.0″ ?>
<!DOCTYPE r [
<!ELEMEN… Continue reading Trying to exploit XXE with OOB technique, got DOMDocument::loadXML(): Invalid URI error→

OWASP Top 10 (2017) Overview – Application Security Weekly #1

Posted on January 15, 2018 by Paul Asadoorian

This week, Paul and Keith discuss the ten most critical web application security risks! They discuss broken authentication, sensible data exposure, XML external entities (XXE), broken access control, security configuration, and more on this episode of … Continue reading OWASP Top 10 (2017) Overview – Application Security Weekly #1→

XSS and XXE payload in XML attributes value

Posted on November 16, 2017 by user187205

I am testing web application with functionality of file upload. The only possible file format is XML. The content of the file saved in XML attributes is then presented on the separate page.

For example XML file looks like th… Continue reading XSS and XXE payload in XML attributes value→