[WEB SECURITY] Using XXE vulnerabilities for attacks on other sites

MustLive mustlive at websecurity.com.ua
Fri Aug 9 12:35:03 EDT 2013


Hello, participants of the Mailing List.

In June I wrote a new article, and in July I released a tool for conducting
the attacks described in my article. I'll tell you briefly about using XXE
vulnerabilities for attacks on other sites. This topic should be
interesting for you (especially for those who haven't read it before).

1. Using XXE vulnerabilities for attacks on other sites.
http://websecurity.com.ua/6585/

In 2012 I wrote the article "Using XML External Entities (XXE) for attacks on
other sites"
(http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/2012-August/008481.html).
In this article I told about using XML External Entities (XXE)
vulnerabilities (WASC-43) for conducting CSRF and DoS attacks on other
sites, and about XXE vulnerabilities in different software and web
applications, such as Squiz CMS, Zend Framework, CakePHP and multiple Adobe
products. I also mentioned my tool for automation of such attacks, DAVOSET,
which can be used for conducting attacks on other sites via Abuse of
Functionality vulnerabilities, and that it was possible to add support for
attacks via XXE.

In the new article I continued this topic and described many new software
and web applications which are vulnerable to XXE, such as libraptor, Advanced
XML Reader, PHP 5.3 and 5.4, WordPress 3.5 and 3.5.1 and Sybase EAServer.
I also mentioned my tool for automation of such attacks, DAVOSET, which
can be used for conducting attacks on other sites via AoF vulnerabilities,
and that I was planning to add support for attacks via XXE.

2. DAVOSET v.1.1.2.
http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/2013-July/008884.html

Last month I released DAVOSET v.1.1.2, the "DDoS attacks via other sites
execution tool". In this version I added support for XML requests for XXE
vulnerabilities. So now you can use XML External Entities (XXE)
vulnerabilities at web sites (including in any of the above-mentioned
software) for conducting automated DoS and DDoS attacks on other sites.

Best wishes & regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
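An added example that is not part of MustLive's post or of DAVOSET: a pre-parse guard for untrusted XML that lists every external entity declared in the DOCTYPE and refuses such documents, so that a server's XML parser cannot be made to issue requests to other sites. It uses only the standard library; the host names in the sample payloads are constructed placeholders.

```python
import xml.parsers.expat
from xml.etree import ElementTree as ET


def external_entities(xml_bytes):
    """Return (name, system_id, is_parameter) for every external entity
    declared in the internal DTD subset of xml_bytes.
    Nothing is ever fetched: the reference handler returns 0, which makes
    expat abort the parse instead of resolving the entity."""
    found = []

    def on_entity_decl(name, is_param, value, base, system_id, public_id, notation):
        # Internal entities carry a value only; external ones carry SYSTEM/PUBLIC ids.
        if system_id is not None or public_id is not None:
            found.append((name, system_id, bool(is_param)))

    p = xml.parsers.expat.ParserCreate()
    p.EntityDeclHandler = on_entity_decl
    p.ExternalEntityRefHandler = lambda context, base, sysid, pubid: 0
    try:
        p.Parse(xml_bytes, True)
    except xml.parsers.expat.ExpatError:
        pass  # aborted reference or malformed input; declarations are already collected
    return found


def parse_untrusted(xml_bytes):
    """Parse xml_bytes only if it declares no external entity.
    Returns (element, "ok") or (None, reason)."""
    ext = external_entities(xml_bytes)
    if ext:
        names = ", ".join("%s -> %s" % (n, sid) for n, sid, _ in ext)
        return None, "rejected: external entity declaration(s): " + names
    return ET.fromstring(xml_bytes), "ok"


# Constructed samples; the host names are placeholders, not real sites.
SAFE = b'<?xml version="1.0"?><!DOCTYPE d [<!ENTITY site "local">]><d>&site;</d>'
XXE_GENERAL = (b'<?xml version="1.0"?>'
               b'<!DOCTYPE d [<!ENTITY xxe SYSTEM "http://other-site.invalid/">]>'
               b'<d>&xxe;</d>')
XXE_PARAM = (b'<?xml version="1.0"?>'
             b'<!DOCTYPE d [<!ENTITY % ext SYSTEM "http://other-site.invalid/x.dtd">]>'
             b'<d/>')

if __name__ == "__main__":
    for label, doc in (("safe", SAFE), ("general", XXE_GENERAL), ("param", XXE_PARAM)):
        element, verdict = parse_untrusted(doc)
        print(label, verdict, None if element is None else element.text)
```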