2 Videos for XML Attacks 01

PRO
Tier
difficulty_medium_icon
Medium
clock icon
< 1 Hr.
number of users completed icon
8919
badge icon
Essential Badge
image of exercise XML 01
play btn
Access to videos for this exercise is only available with PentesterLab PRO GOPRO
Spoiler
XML 01

In this video, we discuss a common vulnerability in XML parsing related to DTD (Document Type Definition) and demonstrate how to exploit it to access local files, including sensitive information like the `/etc/passwd` file.

video duration icon02:07 number of views icon9939

 

image of exercise XML 01: Code Review
play btn
Access to videos for this exercise is only available with PentesterLab PRO GOPRO
XML 01: Code Review

In this video, we conduct a resource code review of the challenge XML 01, part of the essential badge. We examine PHP code handling XML input, identifying vulnerabilities such as XML entity injection and Cross-Site Scripting (XSS).

video duration icon02:13 number of views icon868