XXE (7)
Modern REST framework
In modern REST frameworks, the server might be able to accepts data formats that you as a developer did not think about. So this might result in JSON endpoints being vulnerable to XXE attacks.
Again same exercise but try to perform the same XML injection as we did in first assignment.
Solution
💡 Take a look at the content type 💡 Does the endpoint only accept json messages?
Open the Development Tools in the browser, and go to the Network tab.
On WebGoat, post a comment.
Locate the query to
content-type
in the Network tab and click on Edit and Resend.Edit the body with:
<?xml version="1.0"?><!DOCTYPE comment [<!ENTITY xxe SYSTEM "file:///">]><comment><text>&xxe;</text></comment>
. and edit the headerContent-Type: application/json
withContent-Type: application/xml
Last updated