XXE - XML External Entity Attack
Cysinfo Cyber Security Community
1.
XXE: XML External Entity
Web Application Security - Team bi0s © 2017, @Team bi0s
25 February 2017
HEERAJ, B.Tech Third Year, Computer Science Engineering, Amrita University
2.
whoami
➔ Undergraduate Student @ Amrita
➔ Web Security Enthusiast
➔ CTF{flag_seeker}
➔ @HRJ
➔ ww.i4info.in
3.
Agenda
➔ Intro to XML & DTD
➔ XML Entity
➔ Parsing XML
➔ Attack Vectors
➔ Demo
4.
XML
➔ EXtensible Markup Language
Picture: 123RF.COM
5.
Where is it used?
➔ Document Formats
➔ Image Formats
➔ Configuration Files
➔ Network Protocols
➔ RSS Feeds ... etc.
Picture: c-sharpcorner.com
6.
Document Type Definition
➔ References an external DTD
➔ Defines the structure of the document with the list of legal elements
7.
XML Entity
➔ Entities help reduce the entry of repetitive information and also allow for easier editing.
Output: Writer: Donald Duck. Copyright: bi0s.
8.
XML Entity
XML Entity
➔ Internal Entity
➔ External Entity
9.
Parsing
➔ All characters other than < , > , & , ' , " are parsable.
➔ PCDATA is text that will be parsed by a parser: tags inside the text are treated as markup and entities are expanded.
➔ CDATA is text that will not be parsed by a parser.
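The two points above (slide 7's entity example and slide 9's PCDATA/CDATA distinction) can be seen in one run. The example below is added here and is not code from the deck; the document is a constructed sample that reuses the slide's `writer`/`copyright` entities and adds a `<raw>` element wrapped in a CDATA section. It uses only Python's standard library `xml.etree.ElementTree`, whose expat backend expands internal entities while reading PCDATA and leaves CDATA content untouched.

```python
import xml.etree.ElementTree as ET

# Constructed sample (not from the slides) that reproduces the deck's entity example:
# two internal general entities declared in the internal DTD subset and referenced
# from PCDATA in <body>, plus a <raw> element whose content is a CDATA section.
SAMPLE = """<?xml version="1.0"?>
<!DOCTYPE note [
  <!ENTITY writer "Donald Duck">
  <!ENTITY copyright "bi0s">
]>
<note>
  <to>Tove</to>
  <from>Jani</from>
  <heading>Reminder</heading>
  <body>Writer: &writer;. Copyright: &copyright;.</body>
  <raw><![CDATA[Writer: &writer;. <b>not markup</b>]]></raw>
</note>
"""


def parse_note(xml_text: str) -> dict:
    """Return the text of <body> (PCDATA) and <raw> (CDATA) after parsing.

    In PCDATA the parser expands &writer; and &copyright; to their declared
    replacement text. Inside the CDATA section the very same characters are
    delivered verbatim: no entity expansion and no markup recognition, which is
    why CDATA is the usual way to carry '<' or '&' through a parser intact.
    """
    root = ET.fromstring(xml_text)
    return {
        "body": root.findtext("body"),
        "raw": root.findtext("raw"),
    }


if __name__ == "__main__":
    result = parse_note(SAMPLE)
    print("PCDATA:", result["body"])   # Writer: Donald Duck. Copyright: bi0s.
    print("CDATA: ", result["raw"])    # Writer: &writer;. <b>not markup</b>
```

The same expansion step is what every later slide builds on: an entity whose replacement text comes from outside the document (SYSTEM/PUBLIC) is resolved by the parser in exactly the place `&writer;` was resolved here.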
10.
Possible Attacks
➔ LFI
➔ SSRF
➔ Internal scans
➔ Denial of Service
➔ RCE (not always!!!)
11.
Attack Vectors
Classic XXE: we can view any file which doesn't contain < , > , & , ' , " as characters.
12.
(image-only slide: no text extracted)
13.
Direct Feedback Channel
What if you are reading some configuration files?
14.
Direct Feedback Channel
➔ CDATA is very helpful for reading web configuration files, which contain non-parsable characters. But this won't work!!
15.
Direct Feedback Channel
➔ We have to use parameter entities
➢ parameter.dtd
16.
Out Of Band Channel
17.
Out Of Band Channel
➔ No direct feedback channel
Website: http://web-in-security.blogspot.in/2016/03/xxe-cheat-sheet.html
18.
Billion Laughs Attack (Simple Denial of Service)
➔ Works by the expansion property: a simple document (< 1 KB) will expand to up to 3 gigabytes of memory.
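Slides 11 to 18 all hinge on what the DOCTYPE of an inbound document declares: an external (SYSTEM/PUBLIC) entity, a parameter entity that pulls in a remote DTD, or a chain of internal entities whose expansion dwarfs the document. The triage function below is an added example, not code from the deck: it inspects the DTD before the document reaches a real parser, lists those indicators, and estimates the expansion size by walking the entity graph with memoisation rather than expanding anything. The 10x amplification threshold and the placeholder URLs and paths in the constructed samples are assumptions, and the check is a detection aid, not a replacement for a parser with DTD processing disabled.

```python
import re

# Entity declarations in an internal DTD subset. "ext" is set for SYSTEM/PUBLIC
# (external) entities, "val" for internal entities with a literal replacement
# value, "param" when it is a parameter entity (<!ENTITY % name ...>).
ENTITY_DECL = re.compile(
    r"<!ENTITY\s+(?P<param>%\s+)?(?P<name>[\w.\-]+)\s+"
    r"(?:(?P<ext>SYSTEM|PUBLIC)\s+(?P<rest>[^>]*)|(?P<val>\"[^\"]*\"|'[^']*'))\s*>",
    re.IGNORECASE,
)
EXTERNAL_DOCTYPE = re.compile(r"<!DOCTYPE\s+[\w.\-]+\s+(?:SYSTEM|PUBLIC)\b", re.IGNORECASE)
DOCTYPE_DECL = re.compile(r"<!DOCTYPE[^\[>]*(\[.*?\])?\s*>", re.IGNORECASE | re.DOTALL)
ENTITY_REF = re.compile(r"&([\w.\-]+);")


def expanded_size(entities: dict, name: str, memo: dict, stack: set) -> float:
    """Bytes that &name; expands to, computed on the entity graph without expanding.

    Nested references are followed with memoisation, so a depth-9 'lol' chain costs
    nine recursive calls instead of three billion bytes. A reference cycle (illegal
    XML, but it occurs in hostile input) is reported as infinite.
    """
    if name not in entities:            # predefined (&amp;) or undeclared: stays as written
        return len(name) + 2
    if name in stack:
        return float("inf")
    if name in memo:
        return memo[name]
    stack.add(name)
    value, size, pos = entities[name], 0, 0
    for m in ENTITY_REF.finditer(value):
        size += m.start() - pos + expanded_size(entities, m.group(1), memo, stack)
        pos = m.end()
    size += len(value) - pos
    stack.remove(name)
    memo[name] = size
    return size


def analyze_xml(text: str, max_amplification: float = 10.0) -> dict:
    """Pre-parse triage of a document's DTD. The threshold is an assumption, not a standard."""
    findings = []
    if EXTERNAL_DOCTYPE.search(text):
        findings.append("external DTD subset")
    internal = {}
    for m in ENTITY_DECL.finditer(text):
        name = m.group("name")
        if m.group("param"):
            findings.append(f"parameter entity '{name}'")
        if m.group("ext"):
            findings.append(f"external entity '{name}' ({m.group('ext').upper()})")
        elif m.group("val") is not None:
            internal[name] = m.group("val")[1:-1]
    # The body is everything after the DOCTYPE declaration (or the whole text if none).
    doctype = DOCTYPE_DECL.search(text)
    body = text[doctype.end():] if doctype else text
    memo: dict = {}
    expansion = sum(expanded_size(internal, m.group(1), memo, set())
                    for m in ENTITY_REF.finditer(body))
    amplification = expansion / max(len(text), 1)
    if amplification > max_amplification:
        findings.append(f"entity expansion x{amplification:.0f} (billion-laughs pattern)")
    return {"findings": findings, "expansion_bytes": expansion,
            "verdict": "reject" if findings else "accept"}


# Constructed samples (not from the slides); URLs and paths are placeholders.
BENIGN = """<!DOCTYPE note [<!ENTITY writer "Donald Duck"><!ENTITY copyright "bi0s">]>
<note><body>Writer: &writer;. Copyright: &copyright;.</body></note>"""
CLASSIC = """<!DOCTYPE foo [<!ENTITY xxe SYSTEM "file:///example/target.txt">]>
<foo>&xxe;</foo>"""
PARAM = """<!DOCTYPE foo [<!ENTITY % ext SYSTEM "http://dtd-host.example/parameter.dtd"> %ext;]>
<foo>x</foo>"""
LAUGHS = """<?xml version="1.0"?>
<!DOCTYPE lolz [
  <!ENTITY lol "lol">
  <!ENTITY lol1 "&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;">
  <!ENTITY lol2 "&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;">
  <!ENTITY lol3 "&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;">
  <!ENTITY lol4 "&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;">
]>
<lolz>&lol4;</lolz>"""

if __name__ == "__main__":
    for label, doc in (("benign", BENIGN), ("classic", CLASSIC),
                       ("parameter", PARAM), ("laughs", LAUGHS)):
        print(label, analyze_xml(doc))
```

The four-level sample expands to 30,000 bytes from under 400; each extra level multiplies by ten, which is how the slide's sub-kilobyte document reaches the 3 GB figure at nine levels. Run this on documents that arrive through an upload or API before they are handed to a parser, and log the `findings` list rather than the document itself.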
19.
Different Protocols
20.
OFFICE OPEN XML
➔ Zip archive file containing XML and media files
➔ *.docx, *.xlsx, *.pptx
➔ Developed by Microsoft
21.
OFFICE OPEN XML
Open XML File Container:
➔ Document Properties
➔ Custom Defined XML
➔ Comments
➔ WordML / SpreadsheetML etc.
➔ Embedded Code / Macros
➔ Images, Video, Sound Files
➔ Charts
22.
OFFICE OPEN XML
➔ XML parts parsed in general:
◆ /_rels/.rels
◆ [Content_Types].xml
◆ Default main document:
● /word/document.xml
● /ppt/presentation.xml
● /xl/workbook.xml
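Because an Office Open XML file is just a zip of XML parts, any one of the parts slide 22 lists is parsed on open, and a DOCTYPE in any of them is out of place: the Office schemas never declare entities. The scanner below is an added example, not code from the deck. It builds a minimal in-memory `.docx` (constructed parts, not a real Office export) so it runs offline, then walks every `.xml` and `.rels` part and reports the ones that carry DTD declarations, refusing to inflate parts whose declared size exceeds a cap so a decompression bomb cannot take the scanner down with it.

```python
import io
import re
import zipfile

# Any DTD machinery inside an OOXML part is suspicious: the Office schemas never use it.
DTD_MARKER = re.compile(rb"<!(?:DOCTYPE|ENTITY)\b", re.IGNORECASE)
XML_PART_SUFFIXES = (".xml", ".rels")

# Constructed minimal parts (not a real Office export): the package-level files the
# slide names, plus the WordprocessingML main document.
CONTENT_TYPES = b"""<?xml version="1.0" encoding="UTF-8"?>
<Types xmlns="http://schemas.openxmlformats.org/package/2006/content-types">
  <Default Extension="rels" ContentType="application/vnd.openxmlformats-package.relationships+xml"/>
  <Default Extension="xml" ContentType="application/xml"/>
  <Override PartName="/word/document.xml" ContentType="application/vnd.openxmlformats-officedocument.wordprocessingml.document.main+xml"/>
</Types>"""
RELS = b"""<?xml version="1.0" encoding="UTF-8"?>
<Relationships xmlns="http://schemas.openxmlformats.org/package/2006/relationships">
  <Relationship Id="rId1" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/officeDocument" Target="word/document.xml"/>
</Relationships>"""
CLEAN_DOCUMENT = b"""<?xml version="1.0" encoding="UTF-8"?>
<w:document xmlns:w="http://schemas.openxmlformats.org/wordprocessingml/2006/main">
  <w:body><w:p><w:r><w:t>hello</w:t></w:r></w:p></w:body>
</w:document>"""
# The same document with a DOCTYPE inserted after the XML declaration; the entity's
# target is a placeholder path.
DTD_DOCUMENT = (b'<?xml version="1.0" encoding="UTF-8"?>\n'
                b'<!DOCTYPE w:document [<!ENTITY ext SYSTEM "file:///example/placeholder">]>\n'
                + CLEAN_DOCUMENT.split(b"\n", 1)[1])


def build_docx(document_xml: bytes) -> bytes:
    """Assemble an in-memory .docx container from the three parts above."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as z:
        z.writestr("[Content_Types].xml", CONTENT_TYPES)
        z.writestr("_rels/.rels", RELS)
        z.writestr("word/document.xml", document_xml)
    return buf.getvalue()


def scan_ooxml(archive: bytes, max_part_bytes: int = 10 * 1024 * 1024) -> dict:
    """Walk every XML part of an OOXML package and report DTD usage.

    Parts whose declared uncompressed size exceeds max_part_bytes are listed as
    oversized and never read, so a zip bomb cannot exhaust the scanner's memory.
    """
    parts, flagged, oversized = [], [], []
    with zipfile.ZipFile(io.BytesIO(archive)) as z:
        for info in z.infolist():
            if not info.filename.lower().endswith(XML_PART_SUFFIXES):
                continue                      # media, fonts, etc. are not parsed as XML
            parts.append(info.filename)
            if info.file_size > max_part_bytes:
                oversized.append(info.filename)
                continue
            if DTD_MARKER.search(z.read(info.filename)):
                flagged.append(info.filename)
    return {"xml_parts": parts, "dtd_parts": flagged, "oversized_parts": oversized}


if __name__ == "__main__":
    print(scan_ooxml(build_docx(CLEAN_DOCUMENT)))   # dtd_parts: []
    print(scan_ooxml(build_docx(DTD_DOCUMENT)))     # dtd_parts: ['word/document.xml']
```

The same walk covers `.xlsx` and `.pptx`, since only the part names differ; what matters is that every part ending in `.xml` or `.rels` is inspected, not just the main document, because the package loader parses them all.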
23.
Playing With Content Type
➔ The server may accept multiple data formats
➔ As a result, JSON endpoints may be vulnerable to XXE
➔ Content-Type changed to application/xml
➔ The JSON has to be converted to XML
24.
Demo
25.
Solution
➢ Don't reflect the XML back to the user
➢ Turn off external DTD fetching
➢ Turn off DTD
➢ Disable external entity parsing: libxml_disable_entity_loader(true); (PHP)
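The deck's fix is stated for PHP's libxml; the example below is an added one in Python (not the deck's code) that applies the same three rules from slides 23 and 25 to a request handler: XML is parsed only on endpoints that explicitly accept it, the parser refuses every DTD feature instead of relying on a library default, and nothing from the document is echoed back. It uses Python's standard library only: expat callbacks for DOCTYPE, entity declarations and external entity references are wired to raise, and `ElementTree.TreeBuilder` assembles the tree from the remaining callbacks. The `handle_request` signature and its response dictionaries are assumptions for the sake of a runnable example.

```python
import json
import xml.etree.ElementTree as ET
import xml.parsers.expat as expat


class DoctypeRejected(ValueError):
    """Raised when a document tries to use any DTD feature."""


def parse_hardened(xml_bytes: bytes) -> ET.Element:
    """Parse XML with DTD processing refused outright ("turn off DTD").

    The parse aborts inside the first DOCTYPE/ENTITY callback, so no entity can be
    declared, expanded or fetched before the document is thrown away.
    """
    def refuse_doctype(name, sysid, pubid, has_internal_subset):
        raise DoctypeRejected(f"DOCTYPE {name!r} is not accepted")

    def refuse_entity(*decl):
        raise DoctypeRejected("entity declarations are not accepted")

    def refuse_external(context, base, sysid, pubid):
        raise DoctypeRejected("external entity references are not accepted")

    builder = ET.TreeBuilder()
    parser = expat.ParserCreate()
    parser.StartDoctypeDeclHandler = refuse_doctype
    parser.EntityDeclHandler = refuse_entity
    parser.ExternalEntityRefHandler = refuse_external
    parser.StartElementHandler = builder.start      # (tag, attrs) -> TreeBuilder.start
    parser.EndElementHandler = builder.end
    parser.CharacterDataHandler = builder.data
    parser.Parse(xml_bytes, True)
    return builder.close()


def handle_request(content_type: str, body: bytes,
                   accepted_types=("application/json",)) -> dict:
    """Content-type gate for one endpoint: only explicitly accepted media types are parsed.

    A JSON endpoint that silently honours "Content-Type: application/xml" exposes an
    XML parser it never meant to expose. Here XML is parsed only when the endpoint
    opted in, and then only through parse_hardened. Error responses carry a fixed
    reason string, never the document, so a failed parse reveals no content.
    """
    media_type = content_type.split(";", 1)[0].strip().lower()
    if media_type not in accepted_types:
        return {"status": 415, "reason": "unsupported media type"}
    if media_type == "application/json":
        try:
            return {"status": 200, "data": json.loads(body)}
        except ValueError:
            return {"status": 400, "reason": "malformed JSON"}
    try:
        root = parse_hardened(body)
    except (DoctypeRejected, expat.ExpatError):
        return {"status": 400, "reason": "rejected XML"}
    return {"status": 200, "data": {root.tag: (root.text or "").strip()}}


if __name__ == "__main__":
    # Constructed requests: the XML ones carry an internal entity declaration, which
    # the hardened parser refuses before the reference is ever expanded.
    with_dtd = b'<!DOCTYPE a [<!ENTITY x "y">]><a>&x;</a>'
    print(handle_request("application/json; charset=utf-8", b'{"a": 1}'))
    print(handle_request("application/xml", b"<a>hi</a>"))                        # 415
    print(handle_request("application/xml", b"<a>hi</a>", ("application/xml",)))  # 200
    print(handle_request("application/xml", with_dtd, ("application/xml",)))      # 400
```

Refusing DOCTYPE outright is the strongest of the slide's four options and is the right default for machine-to-machine APIs, which have no legitimate reason to ship a DTD. Where a parser must accept a DTD for compatibility, the weaker settings (no external DTD fetch, no external entity loading) are the fallback, and they must be verified per library version rather than assumed: the deck's `libxml_disable_entity_loader(true)` call, for instance, is deprecated as of PHP 8.0 because libxml no longer loads external entities by default.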
Editor's Notes
RSS, XHTML, SVG, OpenDocument, KML, XSLT, SOAP, SAML... and many more formats are written in XML.
Defines the structure, attributes and legal elements of the XML. #PCDATA = parsable text data. The note definition says it must contain to, from, heading, body.
Used to include other documents.
PUBLIC and SYSTEM are the two kinds of external entity.
DoS (by reading /dev/zero, which loops forever).
Found long ago, in 2002.
But this will not work with the above example; we get the error: "XML document structures must start and end within the same entity."
In the first case it was from the same DTD; here we have used a different DTD.
Google Toolbar let you design buttons using XML; the XXE was in the XML upload.
Files that are present in the zip archive.