Showing posts from February, 2010

XML Injection


XML Injection is an attack technique used to manipulate or compromise the logic of an XML application or service. The injection of unintended XML content and/or structures into an XML message can alter the intend logic of the application. Further, XML injection can cause the insertion of malicious content into the resulting message/document.

How to Exploit:

Inserting</Email><UniqueID>0</UniqueID><Email> in Email field will yield the following result:

<Name>Henry Ackerman</Name><Email></Email><UniqueID>0</UniqueID><Email>;/Email>
<Address>123 Disk Drive</Address>

This will add more one record in XML database with UniqueID=0.

One Live Example:

In order of doing a Web…

Reflected XSS on

Image A prominent online Information Security website which is resource for IT Security professionals for latest security news,attacks,security topics,whitepapers etc is itself vulnerable to reflected XSS.
The XSS is possible in response page which gives error message if the login fails.

An error page, which is handling requests for a non existing pages, a classic 404 error page.

If we request some non-existent the application returns following response:

Requesting will return

Sorry non_existent_page not available

Here the application is embedding the requested page's name in the response.So if a user requests<script>alert("XSS in reponse page");</script> the application will execute the script when returning a response to the user.

Similarly the Login page of the returns error message in response page.


So replacing it with