Tuesday, July 16, 2019

Automating local DTD discovery for XXE exploitation

This post was originally posted on GoSecure's blog
Last month, we presented at Hack In Paris (France) a XML External Entities (XXE) exploitation workshop. It showcase methods to exploit XXE with numerous obstacles. Today, we present our method to exploit XXEs with a local Document Type Declaration (DTD) file. More specifically, how we built a huge list of reusable DTD files.