How it works...
XML gives the possibility of defining entities. An entity in XML is a name with a value associated with it. Every time an entity is used in the document, it will be replaced by its value when the XML file is processed. Using this and the different wrappers available (such as file:// to load system files, or http:// to load URLs), we can abuse implementations that don't have the proper security measures in terms of input validation and XML parser configuration, and extract sensitive data or even execute commands in the server.
In this recipe, we used the file:// wrapper to make the parser load an arbitrary file from the server, and, after that, with the http:// wrapper, we called a web page that happened to be a webshell in ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access