Submit Search
Upload
XXE - XML External Entity Attack
•
Download as PPTX, PDF
•
5 likes
•
3,808 views
C
Cysinfo Cyber Security Community
Follow
XXE - XML External Entity Attack
Read less
Read more
Software
Report
Share
Report
Share
1 of 25
Download now
Recommended
XML External Entity (XXE)
XML External Entity (XXE)
Jay Thakker
XXE
XXE
n|u - The Open Security Community
OWASP A4 XML External Entities (XXE)
OWASP A4 XML External Entities (XXE)
Michael Furman
Top 10 Web Security Vulnerabilities (OWASP Top 10)
Top 10 Web Security Vulnerabilities (OWASP Top 10)
Brian Huff
Sql Injection - Vulnerability and Security
Sql Injection - Vulnerability and Security
Sandip Chaudhari
Hands-On XML Attacks
Hands-On XML Attacks
Toe Khaing
Application Security
Application Security
Reggie Niccolo Santos
Directory Traversal & File Inclusion Attacks
Directory Traversal & File Inclusion Attacks
Raghav Bisht
Recommended
XML External Entity (XXE)
XML External Entity (XXE)
Jay Thakker
XXE
XXE
n|u - The Open Security Community
OWASP A4 XML External Entities (XXE)
OWASP A4 XML External Entities (XXE)
Michael Furman
Top 10 Web Security Vulnerabilities (OWASP Top 10)
Top 10 Web Security Vulnerabilities (OWASP Top 10)
Brian Huff
Sql Injection - Vulnerability and Security
Sql Injection - Vulnerability and Security
Sandip Chaudhari
Hands-On XML Attacks
Hands-On XML Attacks
Toe Khaing
Application Security
Application Security
Reggie Niccolo Santos
Directory Traversal & File Inclusion Attacks
Directory Traversal & File Inclusion Attacks
Raghav Bisht
XML & XPath Injections
XML & XPath Injections
AMol NAik
A Brief Introduction in SQL Injection
A Brief Introduction in SQL Injection
Sina Manavi
Module 8 System Hacking
Module 8 System Hacking
leminhvuong
OWASP Top 10 Web Application Vulnerabilities
OWASP Top 10 Web Application Vulnerabilities
Software Guru
Vulnerabilities in modern web applications
Vulnerabilities in modern web applications
Niyas Nazar
Web Application Security
Web Application Security
Abdul Wahid
Cross site scripting attacks and defenses
Cross site scripting attacks and defenses
Mohammed A. Imran
Broken Authentication and Authorization(1).pptx
Broken Authentication and Authorization(1).pptx
Manahari Darshika Pemarathna
OWASP Top 10 2021 Presentation (Jul 2022)
OWASP Top 10 2021 Presentation (Jul 2022)
TzahiArabov
OWASP Secure Coding
OWASP Secure Coding
bilcorry
Xss attack
Xss attack
Manjushree Mashal
Understanding the Event Log
Understanding the Event Log
chuckbt
WAF Bypass Techniques - Using HTTP Standard and Web Servers’ Behaviour
WAF Bypass Techniques - Using HTTP Standard and Web Servers’ Behaviour
Soroush Dalili
A2 - broken authentication and session management(OWASP thailand chapter Apri...
A2 - broken authentication and session management(OWASP thailand chapter Apri...
Noppadol Songsakaew
MindMap - Forensics Windows Registry Cheat Sheet
MindMap - Forensics Windows Registry Cheat Sheet
Juan F. Padilla
Web App Security Presentation by Ryan Holland - 05-31-2017
Web App Security Presentation by Ryan Holland - 05-31-2017
TriNimbus
Windows Forensic 101
Windows Forensic 101
Digit Oktavianto
Sql injection - security testing
Sql injection - security testing
Napendra Singh
ORM2Pwn: Exploiting injections in Hibernate ORM
ORM2Pwn: Exploiting injections in Hibernate ORM
Mikhail Egorov
OWASP Top 10 API Security Risks
OWASP Top 10 API Security Risks
IndusfacePvtLtd
Xxe xml external entity
Xxe xml external entity
heeraj nair
Domain Specific Languages and C++ Code Generation
Domain Specific Languages and C++ Code Generation
Ovidiu Farauanu
More Related Content
What's hot
XML & XPath Injections
XML & XPath Injections
AMol NAik
A Brief Introduction in SQL Injection
A Brief Introduction in SQL Injection
Sina Manavi
Module 8 System Hacking
Module 8 System Hacking
leminhvuong
OWASP Top 10 Web Application Vulnerabilities
OWASP Top 10 Web Application Vulnerabilities
Software Guru
Vulnerabilities in modern web applications
Vulnerabilities in modern web applications
Niyas Nazar
Web Application Security
Web Application Security
Abdul Wahid
Cross site scripting attacks and defenses
Cross site scripting attacks and defenses
Mohammed A. Imran
Broken Authentication and Authorization(1).pptx
Broken Authentication and Authorization(1).pptx
Manahari Darshika Pemarathna
OWASP Top 10 2021 Presentation (Jul 2022)
OWASP Top 10 2021 Presentation (Jul 2022)
TzahiArabov
OWASP Secure Coding
OWASP Secure Coding
bilcorry
Xss attack
Xss attack
Manjushree Mashal
Understanding the Event Log
Understanding the Event Log
chuckbt
WAF Bypass Techniques - Using HTTP Standard and Web Servers’ Behaviour
WAF Bypass Techniques - Using HTTP Standard and Web Servers’ Behaviour
Soroush Dalili
A2 - broken authentication and session management(OWASP thailand chapter Apri...
A2 - broken authentication and session management(OWASP thailand chapter Apri...
Noppadol Songsakaew
MindMap - Forensics Windows Registry Cheat Sheet
MindMap - Forensics Windows Registry Cheat Sheet
Juan F. Padilla
Web App Security Presentation by Ryan Holland - 05-31-2017
Web App Security Presentation by Ryan Holland - 05-31-2017
TriNimbus
Windows Forensic 101
Windows Forensic 101
Digit Oktavianto
Sql injection - security testing
Sql injection - security testing
Napendra Singh
ORM2Pwn: Exploiting injections in Hibernate ORM
ORM2Pwn: Exploiting injections in Hibernate ORM
Mikhail Egorov
OWASP Top 10 API Security Risks
OWASP Top 10 API Security Risks
IndusfacePvtLtd
What's hot
(20)
XML & XPath Injections
XML & XPath Injections
A Brief Introduction in SQL Injection
A Brief Introduction in SQL Injection
Module 8 System Hacking
Module 8 System Hacking
OWASP Top 10 Web Application Vulnerabilities
OWASP Top 10 Web Application Vulnerabilities
Vulnerabilities in modern web applications
Vulnerabilities in modern web applications
Web Application Security
Web Application Security
Cross site scripting attacks and defenses
Cross site scripting attacks and defenses
Broken Authentication and Authorization(1).pptx
Broken Authentication and Authorization(1).pptx
OWASP Top 10 2021 Presentation (Jul 2022)
OWASP Top 10 2021 Presentation (Jul 2022)
OWASP Secure Coding
OWASP Secure Coding
Xss attack
Xss attack
Understanding the Event Log
Understanding the Event Log
WAF Bypass Techniques - Using HTTP Standard and Web Servers’ Behaviour
WAF Bypass Techniques - Using HTTP Standard and Web Servers’ Behaviour
A2 - broken authentication and session management(OWASP thailand chapter Apri...
A2 - broken authentication and session management(OWASP thailand chapter Apri...
MindMap - Forensics Windows Registry Cheat Sheet
MindMap - Forensics Windows Registry Cheat Sheet
Web App Security Presentation by Ryan Holland - 05-31-2017
Web App Security Presentation by Ryan Holland - 05-31-2017
Windows Forensic 101
Windows Forensic 101
Sql injection - security testing
Sql injection - security testing
ORM2Pwn: Exploiting injections in Hibernate ORM
ORM2Pwn: Exploiting injections in Hibernate ORM
OWASP Top 10 API Security Risks
OWASP Top 10 API Security Risks
Similar to XXE - XML External Entity Attack
Xxe xml external entity
Xxe xml external entity
heeraj nair
Domain Specific Languages and C++ Code Generation
Domain Specific Languages and C++ Code Generation
Ovidiu Farauanu
Fine Tune Your Archive: Best Practices for Optimizing Enterprise Vault
Fine Tune Your Archive: Best Practices for Optimizing Enterprise Vault
Veritas Technologies LLC
BAP203-Secure File Collaboration and Management Simplified with Amazon WorkDocs
BAP203-Secure File Collaboration and Management Simplified with Amazon WorkDocs
Amazon Web Services
Say Goodbye to Legacy Network File Shares with Amazon WorkDocs Drive (BAP208)...
Say Goodbye to Legacy Network File Shares with Amazon WorkDocs Drive (BAP208)...
Amazon Web Services
Cisco Connect Toronto 2018 cloud and on premises collaboration security exp...
Cisco Connect Toronto 2018 cloud and on premises collaboration security exp...
Cisco Canada
Cisco Connect Ottawa 2018 data centre security
Cisco Connect Ottawa 2018 data centre security
Cisco Canada
Introduction to Cyber Security
Introduction to Cyber Security
Vikram Nandini
intergator as a comprehensive and holistic information management platform
intergator as a comprehensive and holistic information management platform
Eduard Daoud
Document Archiving & Sharing System
Document Archiving & Sharing System
Ashik Iqbal
PuppetConf 2017 | Adobe Advertising Cloud: A Lean Puppet Workflow to Support ...
PuppetConf 2017 | Adobe Advertising Cloud: A Lean Puppet Workflow to Support ...
Nicolas Brousse
PuppetConf 2017: Adobe Advertising Cloud: Lean Puppet Workflow to Support Mul...
PuppetConf 2017: Adobe Advertising Cloud: Lean Puppet Workflow to Support Mul...
Puppet
veeam_vbo365_short_deck.pptx
veeam_vbo365_short_deck.pptx
FadhilMuhammad80
Cisco connect winnipeg 2018 we make it simple
Cisco connect winnipeg 2018 we make it simple
Cisco Canada
Dennis Wisnowsky Presentation
Dennis Wisnowsky Presentation
Mediabistro
Cloud Storage System like Dropbox
Cloud Storage System like Dropbox
IRJET Journal
X internet framework
X internet framework
Neha Malik
VA_InterConnect2017
VA_InterConnect2017
Canturk Isci
Don't waste you time searching IBM Connections cloud
Don't waste you time searching IBM Connections cloud
mmi-consult
Monitoring Application Attack Surface to Integrate Security into DevOps Pipel...
Monitoring Application Attack Surface to Integrate Security into DevOps Pipel...
Denim Group
Similar to XXE - XML External Entity Attack
(20)
Xxe xml external entity
Xxe xml external entity
Domain Specific Languages and C++ Code Generation
Domain Specific Languages and C++ Code Generation
Fine Tune Your Archive: Best Practices for Optimizing Enterprise Vault
Fine Tune Your Archive: Best Practices for Optimizing Enterprise Vault
BAP203-Secure File Collaboration and Management Simplified with Amazon WorkDocs
BAP203-Secure File Collaboration and Management Simplified with Amazon WorkDocs
Say Goodbye to Legacy Network File Shares with Amazon WorkDocs Drive (BAP208)...
Say Goodbye to Legacy Network File Shares with Amazon WorkDocs Drive (BAP208)...
Cisco Connect Toronto 2018 cloud and on premises collaboration security exp...
Cisco Connect Toronto 2018 cloud and on premises collaboration security exp...
Cisco Connect Ottawa 2018 data centre security
Cisco Connect Ottawa 2018 data centre security
Introduction to Cyber Security
Introduction to Cyber Security
intergator as a comprehensive and holistic information management platform
intergator as a comprehensive and holistic information management platform
Document Archiving & Sharing System
Document Archiving & Sharing System
PuppetConf 2017 | Adobe Advertising Cloud: A Lean Puppet Workflow to Support ...
PuppetConf 2017 | Adobe Advertising Cloud: A Lean Puppet Workflow to Support ...
PuppetConf 2017: Adobe Advertising Cloud: Lean Puppet Workflow to Support Mul...
PuppetConf 2017: Adobe Advertising Cloud: Lean Puppet Workflow to Support Mul...
veeam_vbo365_short_deck.pptx
veeam_vbo365_short_deck.pptx
Cisco connect winnipeg 2018 we make it simple
Cisco connect winnipeg 2018 we make it simple
Dennis Wisnowsky Presentation
Dennis Wisnowsky Presentation
Cloud Storage System like Dropbox
Cloud Storage System like Dropbox
X internet framework
X internet framework
VA_InterConnect2017
VA_InterConnect2017
Don't waste you time searching IBM Connections cloud
Don't waste you time searching IBM Connections cloud
Monitoring Application Attack Surface to Integrate Security into DevOps Pipel...
Monitoring Application Attack Surface to Integrate Security into DevOps Pipel...
More from Cysinfo Cyber Security Community
Understanding Malware Persistence Techniques by Monnappa K A
Understanding Malware Persistence Techniques by Monnappa K A
Cysinfo Cyber Security Community
Understanding & analyzing obfuscated malicious web scripts by Vikram Kharvi
Understanding & analyzing obfuscated malicious web scripts by Vikram Kharvi
Cysinfo Cyber Security Community
Getting started with cybersecurity through CTFs by Shruti Dixit & Geethna TK
Getting started with cybersecurity through CTFs by Shruti Dixit & Geethna TK
Cysinfo Cyber Security Community
Emerging Trends in Cybersecurity by Amar Prusty
Emerging Trends in Cybersecurity by Amar Prusty
Cysinfo Cyber Security Community
A look into the sanitizer family (ASAN & UBSAN) by Akul Pillai
A look into the sanitizer family (ASAN & UBSAN) by Akul Pillai
Cysinfo Cyber Security Community
Closer look at PHP Unserialization by Ashwin Shenoi
Closer look at PHP Unserialization by Ashwin Shenoi
Cysinfo Cyber Security Community
Unicorn: The Ultimate CPU Emulator by Akshay Ajayan
Unicorn: The Ultimate CPU Emulator by Akshay Ajayan
Cysinfo Cyber Security Community
The Art of Executing JavaScript by Akhil Mahendra
The Art of Executing JavaScript by Akhil Mahendra
Cysinfo Cyber Security Community
Reversing and Decrypting Malware Communications by Monnappa
Reversing and Decrypting Malware Communications by Monnappa
Cysinfo Cyber Security Community
DeViL - Detect Virtual Machine in Linux by Sreelakshmi
DeViL - Detect Virtual Machine in Linux by Sreelakshmi
Cysinfo Cyber Security Community
Analysis of android apk using adhrit by Abhishek J.M
Analysis of android apk using adhrit by Abhishek J.M
Cysinfo Cyber Security Community
Understanding evasive hollow process injection techniques monnappa k a
Understanding evasive hollow process injection techniques monnappa k a
Cysinfo Cyber Security Community
Security challenges in d2d communication by ajithkumar vyasarao
Security challenges in d2d communication by ajithkumar vyasarao
Cysinfo Cyber Security Community
S2 e (selective symbolic execution) -shivkrishna a
S2 e (selective symbolic execution) -shivkrishna a
Cysinfo Cyber Security Community
Dynamic binary analysis using angr siddharth muralee
Dynamic binary analysis using angr siddharth muralee
Cysinfo Cyber Security Community
Bit flipping attack on aes cbc - ashutosh ahelleya
Bit flipping attack on aes cbc - ashutosh ahelleya
Cysinfo Cyber Security Community
Security Analytics using ELK stack
Security Analytics using ELK stack
Cysinfo Cyber Security Community
Linux Malware Analysis
Linux Malware Analysis
Cysinfo Cyber Security Community
Introduction to Binary Exploitation
Introduction to Binary Exploitation
Cysinfo Cyber Security Community
ATM Malware: Understanding the threat
ATM Malware: Understanding the threat
Cysinfo Cyber Security Community
More from Cysinfo Cyber Security Community
(20)
Understanding Malware Persistence Techniques by Monnappa K A
Understanding Malware Persistence Techniques by Monnappa K A
Understanding & analyzing obfuscated malicious web scripts by Vikram Kharvi
Understanding & analyzing obfuscated malicious web scripts by Vikram Kharvi
Getting started with cybersecurity through CTFs by Shruti Dixit & Geethna TK
Getting started with cybersecurity through CTFs by Shruti Dixit & Geethna TK
Emerging Trends in Cybersecurity by Amar Prusty
Emerging Trends in Cybersecurity by Amar Prusty
A look into the sanitizer family (ASAN & UBSAN) by Akul Pillai
A look into the sanitizer family (ASAN & UBSAN) by Akul Pillai
Closer look at PHP Unserialization by Ashwin Shenoi
Closer look at PHP Unserialization by Ashwin Shenoi
Unicorn: The Ultimate CPU Emulator by Akshay Ajayan
Unicorn: The Ultimate CPU Emulator by Akshay Ajayan
The Art of Executing JavaScript by Akhil Mahendra
The Art of Executing JavaScript by Akhil Mahendra
Reversing and Decrypting Malware Communications by Monnappa
Reversing and Decrypting Malware Communications by Monnappa
DeViL - Detect Virtual Machine in Linux by Sreelakshmi
DeViL - Detect Virtual Machine in Linux by Sreelakshmi
Analysis of android apk using adhrit by Abhishek J.M
Analysis of android apk using adhrit by Abhishek J.M
Understanding evasive hollow process injection techniques monnappa k a
Understanding evasive hollow process injection techniques monnappa k a
Security challenges in d2d communication by ajithkumar vyasarao
Security challenges in d2d communication by ajithkumar vyasarao
S2 e (selective symbolic execution) -shivkrishna a
S2 e (selective symbolic execution) -shivkrishna a
Dynamic binary analysis using angr siddharth muralee
Dynamic binary analysis using angr siddharth muralee
Bit flipping attack on aes cbc - ashutosh ahelleya
Bit flipping attack on aes cbc - ashutosh ahelleya
Security Analytics using ELK stack
Security Analytics using ELK stack
Linux Malware Analysis
Linux Malware Analysis
Introduction to Binary Exploitation
Introduction to Binary Exploitation
ATM Malware: Understanding the threat
ATM Malware: Understanding the threat
Recently uploaded
Cloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEE
VICTOR MAESTRE RAMIREZ
Powering Real-Time Decisions with Continuous Data Streams
Powering Real-Time Decisions with Continuous Data Streams
Safe Software
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...
OnePlan Solutions
Software Project Health Check: Best Practices and Techniques for Your Product...
Software Project Health Check: Best Practices and Techniques for Your Product...
Velvetech LLC
Unveiling Design Patterns: A Visual Guide with UML Diagrams
Unveiling Design Patterns: A Visual Guide with UML Diagrams
Ahmed Mohamed
Comparing Linux OS Image Update Models - EOSS 2024.pdf
Comparing Linux OS Image Update Models - EOSS 2024.pdf
Drew Moseley
Automate your Kamailio Test Calls - Kamailio World 2024
Automate your Kamailio Test Calls - Kamailio World 2024
Andreas Granig
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...
Angel Borroy López
VK Business Profile - provides IT solutions and Web Development
VK Business Profile - provides IT solutions and Web Development
vyaparkranti
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
StefanoLambiase
CRM Contender Series: HubSpot vs. Salesforce
CRM Contender Series: HubSpot vs. Salesforce
BrainSell Technologies
UI5ers live - Custom Controls wrapping 3rd-party libs.pptx
UI5ers live - Custom Controls wrapping 3rd-party libs.pptx
Andreas Kunz
SensoDat: Simulation-based Sensor Dataset of Self-driving Cars
SensoDat: Simulation-based Sensor Dataset of Self-driving Cars
Christian Birchler
Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...
Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...
Matt Ray
英国UN学位证,北安普顿大学毕业证书1:1制作
英国UN学位证,北安普顿大学毕业证书1:1制作
qr0udbr0
Balasore Best It Company|| Top 10 IT Company || Balasore Software company Odisha
Balasore Best It Company|| Top 10 IT Company || Balasore Software company Odisha
smiwainfosol
Intelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalm
Sujith Sukumaran
Innovate and Collaborate- Harnessing the Power of Open Source Software.pdf
Innovate and Collaborate- Harnessing the Power of Open Source Software.pdf
YashikaSharma391629
Xen Safety Embedded OSS Summit April 2024 v4.pdf
Xen Safety Embedded OSS Summit April 2024 v4.pdf
Stefano Stabellini
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...
Cizo Technology Services
Recently uploaded
(20)
Cloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEE
Powering Real-Time Decisions with Continuous Data Streams
Powering Real-Time Decisions with Continuous Data Streams
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...
Software Project Health Check: Best Practices and Techniques for Your Product...
Software Project Health Check: Best Practices and Techniques for Your Product...
Unveiling Design Patterns: A Visual Guide with UML Diagrams
Unveiling Design Patterns: A Visual Guide with UML Diagrams
Comparing Linux OS Image Update Models - EOSS 2024.pdf
Comparing Linux OS Image Update Models - EOSS 2024.pdf
Automate your Kamailio Test Calls - Kamailio World 2024
Automate your Kamailio Test Calls - Kamailio World 2024
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...
VK Business Profile - provides IT solutions and Web Development
VK Business Profile - provides IT solutions and Web Development
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
CRM Contender Series: HubSpot vs. Salesforce
CRM Contender Series: HubSpot vs. Salesforce
UI5ers live - Custom Controls wrapping 3rd-party libs.pptx
UI5ers live - Custom Controls wrapping 3rd-party libs.pptx
SensoDat: Simulation-based Sensor Dataset of Self-driving Cars
SensoDat: Simulation-based Sensor Dataset of Self-driving Cars
Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...
Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...
英国UN学位证,北安普顿大学毕业证书1:1制作
英国UN学位证,北安普顿大学毕业证书1:1制作
Balasore Best It Company|| Top 10 IT Company || Balasore Software company Odisha
Balasore Best It Company|| Top 10 IT Company || Balasore Software company Odisha
Intelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalm
Innovate and Collaborate- Harnessing the Power of Open Source Software.pdf
Innovate and Collaborate- Harnessing the Power of Open Source Software.pdf
Xen Safety Embedded OSS Summit April 2024 v4.pdf
Xen Safety Embedded OSS Summit April 2024 v4.pdf
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...
XXE - XML External Entity Attack
1.
Web Application Security
- Team bi0s © 2017 XXE XML External Entity 25 February 2017 @Team bi0s 1/25 HEERAJ Btech, Third Year, Computer Science Engineering Amrita University
2.
whoami Web Application Security
- Team bi0s © 2017 @Team bi0s ➔ Undergraduate Student @ Amrita ➔ Web Security Enthusiast ➔ CTF{flag_seeker} ➔ @HRJ ➔ ww.i4info.in 2/25
3.
Agenda Web Application Security
- Team bi0s © 2017 @Team bi0s ➔Intro to XML & DTD ➔XML Entity ➔Parsing XML ➔Attacks Vector ➔Demo 3/25
4.
XML Web Application Security
- Team bi0s © 2017 @Team bi0s ➔EXtensible Markup Language 4/25 Picture:123RF.COM
5.
Where it is
used ? Web Application Security - Team bi0s © 2017 @Team bi0s ➔Document Formats ➔Image Formats ➔Configuration Files ➔Network Protocols ➔RSS Feeds … etc . . . 5/25 Picture: c-sharpcorner.com
6.
Document Type Definition Web
Application Security - Team bi0s © 2017 @Team bi0s ➔ References an External DTD ➔ Define structure with the list of legal elements 6/25
7.
XML Entity Web Application
Security - Team bi0s © 2017 @Team bi0s ➔ Entities help to reduce the entry of repetitive information and also allow for easier editing Output: Writer: Donald Duck. Copyright: bi0s. 7/25
8.
XML Entity Web Application
Security - Team bi0s © 2017 @Team bi0s XML Entity Internal Entity External Entity 8/25
9.
Parsing Web Application Security
- Team bi0s © 2017 @Team bi0s ➔ Character other than < , > , & , ‘ , “ all are parsable. ➔ PCDATA is text that will be parsed by a parser. Tags inside the text will be treated as markup and entities will be expanded. ➔ CDATA is text that will not be parsed by a parser. 9/25
10.
Attack’s Possible Web Application
Security - Team bi0s © 2017 @Team bi0s ➔ LFI ➔ SSRF ➔ Internal scans ➔ Denial of Service ➔ Rce (Not Always!!!) 10/25
11.
Attack Vectors Web Application
Security - Team bi0s © 2017 @Team bi0s Classic XXE We can view any file which doesn’t contain < , > , & , ‘ , “ as characters. 11/25
12.
12
13.
Direct Feedback Channel Web
Application Security - Team bi0s © 2017 @Team bi0s What if you are Reading Some configuration files? 13
14.
Direct Feedback Channel Web
Application Security - Team bi0s © 2017 @Team bi0s ➔ CDATA very helpful to read web configuration, which contain non parsable characters. But this won’t work !! 14/25
15.
Direct Feedback Channel Web
Application Security - Team bi0s © 2017 @Team bi0s ➔ We have to use Parameter entities ➢ Parameter.dtd 15/25
16.
Out Of Band
Channel Web Application Security - Team bi0s © 2017 @Team bi0s 16/25
17.
Out Of Band
Channel Web Application Security - Team bi0s © 2017 @Team bi0s ➔ No Direct Feedback Channel 17/25 Website: http://web-in-security.blogspot.in/2016/03/xxe-cheat- sheet.html
18.
Billion Laughs Attack
(Simple Denial of Service) Web Application Security - Team bi0s © 2017 @Team bi0s ➔ Works by expansion property (Simple code(<1kb) will expand up to 3 gigabytes of memory. 18/25
19.
Different Protocols Web Application
Security - Team bi0s © 2017 @Team bi0s 19/25
20.
OFFICE OPEN XML Web
Application Security - Team bi0s © 2017 @Team bi0s ➔ Zip archive file containing XML and media files ➔ *.docx , *.xlsx , *.pptx ➔ Developed by Microsoft 20/25
21.
OFFICE OPEN XML Web
Application Security - Team bi0s © 2017 @Team bi0s 21/25 Open XML File Container Document Properties Custom Defined XML Comments WordML/ SpreadsheetML etc Embedded Code/Macros Images, Video, Sound Files Charts
22.
OFFICE OPEN XML Web
Application Security - Team bi0s © 2017 @Team bi0s ➔ General Parsing XML ◆ /_rels/.rels ◆ [Content_Types].xml ◆ Default Main Document ● /word/document.xml ● /ppt/presentation.xml ● /xl/workbook.xml 22/25
23.
Playing With Content
Type Web Application Security - Team bi0s © 2017 @Team bi0s ➔ Server may accept multiple data formats ➔ Results in Json endpoints may be vulnerable to XXE ➔ Content-Type changed to application/xml ➔ JSON has to be converted to XML 23/25
24.
Demo Web Application Security
- Team bi0s © 2017 @Team bi0s 24/25
25.
Solution Web Application Security
- Team bi0s © 2017 @Team bi0s ➢ Don’t reflect the XML back to user ➢ Turn off external DTD fetching ➢ Turn off DTD ➢ Disable External Entity Parsing libxml_disable_entity_loader(true);(PHP) 25/25
Editor's Notes
RSS/xhtml/svg/opendocument/kml/xslt/soap/saml… And Many more are written in XML
Defines the structure, attributes and the legal elements of XML #PCDATA - parsable text data Note defines this must contain to, from, heading,body
Used to include some documents
Public and SYSTEM are the 2 external entities.
Dos( by reading /dev/zero loops
Found Long back in 2002
But this will not work with the above example, we get the error: “XML document structures must start and end within the same entity.”
In the first case it was from same dtd Here we have used different dtd
In the first case it was from same dtd Here we have used different dtd
In the first case it was from same dtd Here we have used different dtd
Google toolbar you can design button using xml, the xxe was in uploading xml
File that are present in the zip archive
File that are present in the zip archive
File that are present in the zip archive
File that are present in the zip archive
Download now