XXE (4)

Let’s try

In this assignment, you will add a comment to the photo, when submitting the form try to execute an XXE injection with the comments field. Try listing the root directory of the filesystem.


πŸ’‘ Try submitting the form and see what happens πŸ’‘ Use ZAP/Burp to intercept the request and try to include your own DTD πŸ’‘ Try to include a doctype "(<!DOCTYPE...)" in the xml πŸ’‘ The include can be as follows: [ ]> πŸ’‘ Do not forget to reference the entity πŸ’‘ In the comment you should references: &root;test

  • Open the Development Tools in the browser, and go to the Network tab.

  • On WebGoat, post a comment.

  • Locate the query to simple in the Network tab and click on Edit and Resend.

  • Edit the body with: <?xml version="1.0"?><!DOCTYPE comment [<!ENTITY xxe SYSTEM "file:///">]><comment><text>&xxe;</text></comment>

Last updated