XML (XXE) 注入Payload List

  • 发表于
  • 周边

XML (XXE) 注入Payload List

在本节中,我们将解释什么是XML注入,描述一些常见的示例,解释如何发现和利用各种XXE注入,并总结如何防止XXE注入攻击

什么是XML注入?

XML注入(也称为XXE)是一个Web安全漏洞,它使攻击者能够干扰应用程序对XML数据的处理。它通常使攻击者可以查看应用程序服务器文件系统上的文件,并与应用程序本身可以访问的任何后端或外部系统进行交互。

在某些情况下,攻击者可以利用XXE漏洞执行服务器端请求伪造(SSRF)攻击,从而升级XXE攻击,以破坏底层服务器或其他后端基础结构。

XML (XXE) 注入Payload List
XML (XXE) 注入

XXE攻击有多种类型:

XXE Attack TypeDescription
Exploiting XXE to Retrieve FilesWhere an external entity is defined containing the contents of a file, and returned in the application's response.
Exploiting XXE to Perform SSRF AttacksWhere an external entity is defined based on a URL to a back-end system.
Exploiting Blind XXE Exfiltrate Data Out-of-BandWhere sensitive data is transmitted from the application server to a system that the attacker controls.
Exploiting blind XXE to Retrieve Data Via Error MessagesWhere the attacker can trigger a parsing error message containing sensitive data.

XML(XXE)注入Payloads

XXE: Basic XML Example

XXE: Entity Example

XXE: File Disclosure

XXE: Denial-of-Service Example

XXE: Local File Inclusion Example

XXE: Blind Local File Inclusion Example (When first case doesn't return anything.)

XXE: Access Control Bypass (Loading Restricted Resources - PHP example)

XXE:SSRF ( Server Side Request Forgery ) Example

XXE: (Remote Attack - Through External Xml Inclusion) Exmaple

XXE: UTF-7 Exmaple

XXE: Base64 Encoded

XXE: XXE inside SOAP Example

XXE: XXE inside SVG

参考:

标签: , , , , ,