Hello guys, today we have an explanation of XPath Injection.
What is XML?
Extensible Markup Language (XML) is a markup language that provides rules for describing and structuring arbitrary data. It is not a programming language: XML only carries data and cannot perform any computation by itself.
What is XPath?
XPath is a query language and a core component of the XSLT standard. It is used to navigate through the elements and attributes of an XML document and to select the nodes that match a given expression.
What is XPath Injection?
XPath Injection attacks occur when a website uses user-supplied input to build an XPath query over XML data. By sending intentionally malformed input to the website, an attacker can find out how the XML data is structured, or access data they should not normally be able to reach. Unlike a database, an XML document has no built-in access control, so a single injected query can expose the whole document.
Technical
We know when XPath Injection occurs, so let's go straight to the vulnerable code.
In this code, the authenticate function is supposed to check whether a given username and password combination exists in an XML file named users.xml. However, the XPath query is built by concatenating the username and password straight into the expression, which makes it vulnerable to injection attacks.
Exploitation
An attacker can manipulate the input fields to craft malicious inputs, for example:
1 — If the attacker enters a valid username but sets the password to ' or '1'='1, the XPath query becomes //user[username='valid_username' and password='' or '1'='1']. Because and binds tighter than or, this reads as (username='valid_username' and password='') or '1'='1', and since '1'='1' is always true the predicate matches every user node. The application sees a match and lets the attacker in, typically as the first user in the file, without knowing any password.
2 — Another common technique targets the username field with ' or 1=1 or ''='. XPath 1.0 has no comment syntax, so the rest of the query cannot simply be commented out; instead the trailing ''=' is written so that the closing quote added by the application completes it. The resulting query is //user[username='' or 1=1 or ''='' and password='<whatever was typed>'], where the password check is swallowed into the last or branch and the 1=1 tautology makes the predicate true for every user, effectively bypassing the password check.
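To make the vulnerable authenticate function and both payloads above concrete, here is an added example written for this page (it is not the article's original code). It assumes a small users.xml with one user element per account, embedded inline as constructed sample data, and uses Ruby's REXML, which evaluates real XPath 1.0. The hardened variant passes the input as XPath variables ($u, $p) instead of concatenating it, so the quotes in the payloads can no longer change the structure of the query.

```ruby
require "rexml/document"

# Constructed sample users.xml content (assumption: one <user> per account).
USERS_XML = <<~XML
  <users>
    <user><username>admin</username><password>S3cret!</password></user>
    <user><username>alice</username><password>wonderland</password></user>
  </users>
XML

DOC = REXML::Document.new(USERS_XML)

# Builds the query exactly the way the vulnerable authenticate function does:
# the raw input is concatenated into the XPath expression.
def vulnerable_query(username, password)
  "//user[username='#{username}' and password='#{password}']"
end

# Vulnerable: returns the username of the first <user> node matched by the
# injected query, or nil when nothing matches.
def authenticate_vulnerable(username, password)
  node = REXML::XPath.first(DOC, vulnerable_query(username, password))
  node && node.elements["username"].text
end

# Hardened: the input travels as XPath variables and never becomes part of the
# expression text, so quotes, 'or' and tautologies are just literal strings.
def authenticate_safe(username, password)
  query = "//user[username=$u and password=$p]"
  node = REXML::XPath.first(DOC, query, nil, { "u" => username, "p" => password })
  node && node.elements["username"].text
end

if __FILE__ == $0
  # Payload 1: valid username, tautology in the password field.
  puts vulnerable_query("alice", "' or '1'='1")
  puts authenticate_vulnerable("alice", "' or '1'='1").inspect   # matches admin
  # Payload 2: tautology in the username field, trailing ''=' closes the quote.
  puts vulnerable_query("' or 1=1 or ''='", "anything")
  puts authenticate_vulnerable("' or 1=1 or ''='", "anything").inspect
  # Same payloads against the parameterised query fail.
  puts authenticate_safe("alice", "' or '1'='1").inspect
  puts authenticate_safe("' or 1=1 or ''='", "anything").inspect
end
```

Note that the tautology payloads log the attacker in as admin, the first user in the document, even though alice was the username entered: the predicate is true for every node, and XPath.first simply returns the first one. The safe version only returns a user when the real credentials are supplied.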
Resources
Thanks for reading. Reach me at:
Bye bye.