OSWE Everything

Types of XML Entities

Internal

Defined locally within the DTD.

Syntax:

<!ENTITY name "entity_value">

Example:

<!ENTITY person "<name>John</name>">

External

They are used when the referenced data is not defined internally.

There are two types of External Entities:

Private

The SYSTEM keyword indicates that it is a private external entity.

Syntax:

<!ENTITY name SYSTEM "URI">

Example:

<!ENTITY url SYSTEM "http://hacker-studio.pl">

Public

The PUBLIC keyword indicates that this is a public external entity.

Syntax:

<!ENTITY name PUBLIC "public_id" "URI">

Example:

<!ENTITY information PUBLIC "//publicly_known_data" "https://hacker-studio.pl/publicly_known_data.xml">

Parameter

Declared with a % prefix and referenced as %name;.

Syntax:

<!ENTITY % name SYSTEM "URI">

Example:

<!ENTITY % input 'created variable'>
<!ENTITY text 'This is text from %input;'>

Unparsed External Entities

Unparsed entities give access to binary content: the NDATA keyword prevents the XML parser from processing the referenced data.

<!ENTITY name SYSTEM "URI" NDATA TYPE>
<!ENTITY name PUBLIC "id" "URI" NDATA TYPE>
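As an added example (not from the original page), the following Python script uses the standard-library expat parser to classify every entity declared in a DOCTYPE into the five kinds described above and to reject documents that declare anything other than internal entities; the sample document and the example.invalid host are constructed for the demonstration.

```python
import xml.parsers.expat

# Constructed sample (not from the page): one declaration of each entity kind.
SAMPLE_XML = """<?xml version="1.0"?>
<!DOCTYPE data [
  <!ENTITY person "<name>John</name>">
  <!ENTITY url SYSTEM "http://example.invalid/private.xml">
  <!ENTITY information PUBLIC "-//example//known data//EN" "http://example.invalid/public.xml">
  <!ENTITY % input "created variable">
  <!NOTATION gif SYSTEM "image/gif">
  <!ENTITY logo SYSTEM "http://example.invalid/logo.gif" NDATA gif>
]>
<data>&person;</data>
"""


def classify_entity(is_param, value, system_id, public_id, notation):
    """Map one expat entity declaration onto the taxonomy used on this page."""
    if notation is not None:      # NDATA present: unparsed external entity
        return "unparsed"
    if is_param:                  # declared with a % prefix
        return "parameter"
    if value is not None:         # literal value given: internal entity
        return "internal"
    if public_id is not None:     # PUBLIC "id" "URI"
        return "external-public"
    if system_id is not None:     # SYSTEM "URI"
        return "external-private"
    return "unknown"


def inspect_entities(xml_text):
    """Return ({entity name: kind}, [element names seen]) for xml_text.

    No ExternalEntityRefHandler is registered, so expat expands only internal
    entities; external references in content are skipped rather than fetched.
    """
    kinds, elements = {}, []
    parser = xml.parsers.expat.ParserCreate()

    def on_entity(name, is_param, value, base, system_id, public_id, notation):
        kinds[name] = classify_entity(is_param, value, system_id, public_id, notation)

    parser.EntityDeclHandler = on_entity
    parser.StartElementHandler = lambda name, attrs: elements.append(name)
    parser.Parse(xml_text, True)
    return kinds, elements


def is_safe_to_process(kinds):
    """Defender's policy: accept a document only if every entity is internal."""
    return all(kind == "internal" for kind in kinds.values())
```

Running `inspect_entities(SAMPLE_XML)` shows `&person;` expanding into a `<name>` element while the SYSTEM, PUBLIC, parameter and NDATA declarations are reported without being resolved, and `is_safe_to_process` rejects the document because of them.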