XXE (4)

Let’s try

In this assignment, you will add a comment to the photo. When submitting the form, try to execute an XXE injection through the comments field. Try listing the root directory of the filesystem.

Solution

  • 💡 Try submitting the form and see what happens

  • 💡 Use ZAP/Burp to intercept the request and try to include your own DTD

  • 💡 Try to include a doctype "(<!DOCTYPE...)" in the xml

  • 💡 The include can be as follows: [ ]>

  • 💡 Do not forget to reference the entity

  • 💡 In the comment you should reference: &root;test

  • Open the Development Tools in the browser, and go to the Network tab.

  • On WebGoat, post a comment.

  • Locate the request to simple in the Network tab and click on Edit and Resend.

  • Edit the body with: <?xml version="1.0"?><!DOCTYPE comment [<!ENTITY xxe SYSTEM "file:///">]><comment><text>&xxe;</text></comment>
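The request body above declares an external entity pointing at file:/// and then references it, which is exactly what a DTD-aware parser must never be allowed to do with user-supplied comments. The following is an added example, not part of this walkthrough and not WebGoat's own (Java) code: it uses Python's standard-library expat parser to show the defender's side of this lesson. inspect_xml is a detection helper (what a WAF or request logger would record: DOCTYPE present, which entities carry a SYSTEM id), and parse_comment_safely is the hardened parser for the comment endpoint, which aborts on any DOCTYPE or entity declaration before anything can be expanded. The function names and the benign sample body are assumptions made for the example; XXE_BODY is the body from the last step.

```python
import xml.parsers.expat as expat

# The request body from the last step of the walkthrough, plus a constructed
# benign comment for comparison.
XXE_BODY = (b'<?xml version="1.0"?>'
            b'<!DOCTYPE comment [<!ENTITY xxe SYSTEM "file:///">]>'
            b'<comment><text>&xxe;</text></comment>')
BENIGN_BODY = b'<?xml version="1.0"?><comment><text>nice photo</text></comment>'


class DtdRejected(ValueError):
    """Raised when a comment body carries a DOCTYPE or entity declaration."""


def inspect_xml(body: bytes) -> dict:
    """Detection view: report whether the body declares a DTD and which
    entities point at external resources (SYSTEM/PUBLIC ids).
    Nothing is resolved: no ExternalEntityRefHandler is installed, so expat
    simply ignores the &xxe; reference instead of reading a file."""
    report = {"has_doctype": False, "external_entities": []}
    p = expat.ParserCreate()

    def on_doctype(name, system_id, public_id, has_internal_subset):
        report["has_doctype"] = True

    def on_entity(name, is_param, value, base, system_id, public_id, notation):
        if system_id is not None or public_id is not None:
            report["external_entities"].append((name, system_id))

    p.StartDoctypeDeclHandler = on_doctype
    p.EntityDeclHandler = on_entity
    try:
        p.Parse(body, True)
    except expat.ExpatError as exc:
        report["parse_error"] = str(exc)
    return report


def parse_comment_safely(body: bytes) -> str:
    """Hardened parser for <comment><text>...</text></comment>: any DOCTYPE
    or entity declaration raises DtdRejected before an entity is expanded."""
    text_parts = []
    in_text = False
    p = expat.ParserCreate()

    def reject(*_args):
        # Raising inside an expat handler aborts p.Parse() immediately.
        raise DtdRejected("DTD / entity declarations are not accepted in comments")

    def on_start(tag, attrs):
        nonlocal in_text
        in_text = tag == "text"

    def on_end(tag):
        nonlocal in_text
        in_text = False

    def on_chars(data):
        if in_text:
            text_parts.append(data)

    p.StartDoctypeDeclHandler = reject
    p.EntityDeclHandler = reject
    p.StartElementHandler = on_start
    p.EndElementHandler = on_end
    p.CharacterDataHandler = on_chars
    p.Parse(body, True)
    return "".join(text_parts)


if __name__ == "__main__":
    print(inspect_xml(XXE_BODY))          # has_doctype True, ('xxe', 'file:///')
    print(parse_comment_safely(BENIGN_BODY))  # nice photo
    try:
        parse_comment_safely(XXE_BODY)
    except DtdRejected as exc:
        print("rejected:", exc)
```

Rejecting the DOCTYPE outright is the same control as disabling DTDs on the Java parser WebGoat uses (the lesson's fix); the inspect_xml report is what you would log or alert on so that attempts like the one in this exercise show up in monitoring rather than only in the parser's error path.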
