x/handbook
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity
handbook/tools/3.Web-Hacking/4.Injection/XXE/Commands/4.XXE-File-Upload.md
Anton Nesterov af9011411c
vault backup: 2024-08-31 01:07:21
2024-08-31 01:07:22 +02:00

575 B
Raw Blame History

XXE Attacks via File Upload

  • If a server allows the upload of DOCX or SVG, XXE can be embedded in these documents

  • When the document is processed by the application, it will trigger the exploit XXE Attack via Modified Content Type

  • Normal Request example:

POST /action HTTP/1.0
Content-Type: application/x-www-form-
urlencoded
Content-Length: 7
foo=bar
  • If the server tolerates this, you can exploit it
POST /action HTTP/1.0
Content-Type: text/xml
Content-Length: 52
<?xml version="1.0" encoding="UTF-
8"?><foo>bar</foo>