IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [xml]

XML (Extensible Markup Language) is a set of rules for encoding documents in both human-readable and machine-readable form. Use this tag for security issues relating to the format itself, or where the fact that the data is xml-formatted is core to the question.

XML (Extensible Markup Language) is a set of rules for encoding documents in both human-readable and machine-readable form.

It is defined in the XML 1.0 Specification produced by the W3C, and several other related specifications, all gratis open standards.

77 questions
1
vote
2 answers

What is an XML round trip vulnerability?

I keep hearing about the XML round trip vulnerability in version 3.2.4 of the Ruby package REXML. I looked into it myself, of course, and it seems to have something to do with parsing an XML document, then putting it back into XML again, and it…
Alex V
  • 190
  • 6
1
vote
1 answer

Blind XXE - Exfiltration Data via OOB

My lab Kali Linux:192.168.171.134 bWApp Server: http://192.168.171.131 I want to do an exfiltration data via HTTP on this Blind XXE. I'll use the Portswigger Payload. This is the External.DTD:
Zefiro38
  • 21
  • 3
1
vote
1 answer

Avoid cross site scripting in XML namespace

We have a legacy application on spring mvc and we have a web service exposed (SOAP protocol) for some reporting client app. This service was tested by a security team and the report indicates that the service is vulnerable to XSS attack. The proof…
Suhas Karanth
  • 11
  • 3
1
vote
0 answers

CWE-611: Improper Restriction of XML External Entity Reference with XSL include

Veracode reports that the below code is susceptible to CWE-611: Improper Restriction of XML External Entity Reference. XslCompiledTransform transform = new XslCompiledTransform(); transform.Load(xslwithospath); StringWriter results = new…
Hoppe
  • 143
  • 5
1
vote
1 answer

SOAP Web Service: Basic Auth. vs Password in xml

I am testing a SOAP web service and the service sends username and password in every request as part of the XML body over SSL. I wanted to object to that and offer Basic Auth. but could not find any logical reason. It feels wrong but I dont know…
b4da
  • 690
  • 1
  • 7
  • 20
1
vote
1 answer

Does using many XML parsers (XDocument, XMLDocument) from the public Internet increase attack surface area?

I am coding an anonymous WCF service that allows others to post XML into it. Does using different kinds of XML parsers XDocument, XMLDocument, or even 3rd party parsers increase the attack surface area? (Buffer overflows, etc).
makerofthings7
  • 50,090
  • 54
  • 250
  • 536
1
vote
0 answers

Example of Insecure DTD Processing in XmlSchema.Read

According to https://msdn.microsoft.com/en-us/library/mt661872.aspx and https://github.com/dotnet/roslyn-analyzers/issues/563 the code below is vulnerable to DTD expansion attack: var src = "?payload?"; TextReader tr = new…
Jaroslav Lobačevski
  • 11
  • 2
1
vote
1 answer

Difference between XML external entities and Remote File Inclusion attacks

I was just studying about the XML external entities attack and Remote File Inclusion Attack. According to my understanding, the XML external entities attack is where the XML parser in the web application has the option of external entities enabled…
Skynet
  • 598
  • 5
  • 12
1
vote
0 answers

Private key to sign a XML file

I’ve never dealt with cryptography before so my question may be sound trivial. I need to create an app that sends messages as digitally signed XML files. The messages are sent to a CA entity. According to the instruction I’ve received from the…
Paolo
  • 11
  • 5
1
vote
0 answers

Mitigating - Microsoft XML Parser (MSXML) and XML Core Services Unsupported (62758)

We have a number of host that are running an outdated and now unsupported version of MS XML Parser\Core Services. I am trying to find a way to mitigate this issue silently on workstations, hopefully without breaking anything. I have been searching…
Grecian Urn
  • 11
  • 1
1
vote
0 answers

Java XXE Injection - Billion Laughs doesn't work

I'm trying to reproduce several xxe attacks against a java web service. When i try to reproduce "Billion Laughs" i always get this: Exception in thread "main" org.xml.sax.SAXParseException; lineNumber: 1; columnNumber: 1; The parser has…
justatester
  • 131
  • 4
1
vote
0 answers

AES256 key exchange

I'm trying to get a secure way of exchanging keys between my client application and the server. The goal is to encrypt all XML messages with AES256. These XML's will be transferred to the server using https (post). yes i know the AES256 probably is…
Nick
  • 11
  • 3
1
vote
1 answer

Fuzzing C++ application that expects XML file

I'm trying to fuzz an application to make sure it is secure. The app does not have any UI and needs to be run via the cmdline: app.exe myfile.xml Also myfile.xml looks like this:
user2567674
  • 11
  • 2
0
votes
1 answer

Does an exposed XMLRPC API in a web application pose a threat?

I'm given the assignment of testing one of our web-servers in regards to security. One of the servers run IIS 7 and its application relies extensively on XMLRPC calls. I found the API for those calls was publicly available on the web-server which…
efr4k
  • 497
  • 3
  • 13
0
votes
1 answer

Securing data at rest

For an API request to my application, I store the data in the request object temporarily in an XML file before it is pushed to the database. Although the XML files are stored on a secured server at a firewall-protected data center, should I look to…
user49348
  • 1
1 2 3
4
5 6