Exploitation: XML External Entity (XXE)
INDEX
What is XXE
Types
Exploit XXE
Preventive Measures /Mitigation
What is XXE: An XML External Entity attack is a type of attack against an application that parses XML input. It often allows an attacker to view files on the application server file system, and to interact with any backend or external systems that the application itself can access.
In some cases, XXE can also be used to perform server-side request forgery, port scanning and remote code execution.
Ex: Consider a website www.toy.com that checks a product’s stock before adding it to the cart. The website uses Extensible Markup Language (XML) to submit and parse the request. The following request is used to check the product’s stock.
<?xml version="1.0" encoding="UTF-8"?>
<toyCheck><toyId>381</toyId></toyCheck>
If the XML parser is weakly configured and processes requests without any validation (in particular, if it resolves external entities declared in a DOCTYPE), an attacker can modify the original request to declare an external entity that uses the file:/// scheme and reference it in place of the toyId value. The parser then reads the named file from the server and returns its contents in the response as if it were the product id, exposing sensitive files on the server.
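The following is an added example, not code from the original article or from www.toy.com: a small stand-in for the stock check built on Python’s standard library xml.sax parser. `check_stock()` with its defaults models the weak parser described above (external general entities are resolved), `xxe_payload()` builds the modified request with a file:/// entity, and the same function run with `resolve_external_entities=False, forbid_dtd=True` shows the hardened configuration. The secret file, its contents and the field names are constructed for the demo.

```python
"""Added example: weak vs hardened XML parsing for the toy.com stock check.
Stdlib only (xml.sax on top of expat); the secret file and its contents
are constructed for the demo and stand in for a sensitive server file."""
import io
import tempfile
from pathlib import Path
import xml.sax
from xml.sax.handler import (ContentHandler, feature_external_ges,
                             property_lexical_handler)


class ToyIdCollector(ContentHandler):
    """Collects the text inside <toyId>, the only field the stock check reads."""

    def __init__(self):
        super().__init__()
        self._in_toy_id = False
        self.toy_id = ""

    def startElement(self, name, attrs):
        if name == "toyId":
            self._in_toy_id = True

    def endElement(self, name):
        if name == "toyId":
            self._in_toy_id = False

    def characters(self, content):
        # Expanded entity content arrives here too, so a file pulled in
        # via &xxe; lands in toy_id exactly like a typed product id would.
        if self._in_toy_id:
            self.toy_id += content


class RejectDtd:
    """Lexical handler that aborts parsing as soon as a DOCTYPE appears.
    No DOCTYPE means no entity declarations, external or internal."""

    def startDTD(self, name, public_id, system_id):
        raise ValueError("DOCTYPE not allowed in stock-check requests")

    def endDTD(self): pass
    def startEntity(self, name): pass
    def endEntity(self, name): pass
    def startCDATA(self): pass
    def endCDATA(self): pass
    def comment(self, content): pass


def check_stock(xml_bytes, resolve_external_entities=True, forbid_dtd=False):
    """Return the toyId the parser saw. Defaults model the weak parser in the
    text; resolve_external_entities=False, forbid_dtd=True is the hardened form."""
    parser = xml.sax.make_parser()
    # feature_external_ges decides whether SYSTEM/PUBLIC general entities
    # are fetched and inlined; True is the XXE-prone setting.
    parser.setFeature(feature_external_ges, resolve_external_entities)
    if forbid_dtd:
        parser.setProperty(property_lexical_handler, RejectDtd())
    handler = ToyIdCollector()
    parser.setContentHandler(handler)
    parser.parse(io.BytesIO(xml_bytes))
    return handler.toy_id


BENIGN_REQUEST = (b'<?xml version="1.0" encoding="UTF-8"?>'
                  b'<toyCheck><toyId>381</toyId></toyCheck>')


def xxe_payload(target_path):
    """The modified request from the text: a DOCTYPE declares an external
    entity pointing at a file:/// URL and the toyId field references it."""
    file_url = Path(target_path).resolve().as_uri()
    return (b'<?xml version="1.0" encoding="UTF-8"?>\n'
            b'<!DOCTYPE toyCheck [\n'
            b'  <!ENTITY xxe SYSTEM "' + file_url.encode() + b'">\n'
            b']>\n'
            b'<toyCheck><toyId>&xxe;</toyId></toyCheck>')


def write_secret(content="s3cr3t-db-password"):
    """Constructed stand-in for a sensitive file on the application server."""
    with tempfile.NamedTemporaryFile("w", suffix=".conf", delete=False) as fh:
        fh.write(content)
        return fh.name


if __name__ == "__main__":
    secret = write_secret()
    print("benign request   ->", check_stock(BENIGN_REQUEST))
    print("weak parser      ->", check_stock(xxe_payload(secret)))
    try:
        check_stock(xxe_payload(secret),
                    resolve_external_entities=False, forbid_dtd=True)
    except ValueError as exc:
        print("hardened parser  ->", exc)
```

Turning off external entity resolution alone stops the file read, but the request is still accepted and a DOCTYPE can still declare internal entities, so the hardened configuration also rejects any DOCTYPE outright; a stock check has no legitimate reason to carry one.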
Explanation:
· Initially, the attacker sends an XML request to the web application. If the XML parser processes requests without any…