Computers, Programming, Technology, Music, Literature

Archive for the ‘xxe’ Category

Devouring Security: XML – Attack surface and Defenses


Agenda:

· XML today
· XML/XPath injection – Demo
· Compiled XPath queries
· DTD use and abuse
    - document validations
    - entity expansions
    - denial of service – Demo
    - arbitrary URI access (egress)
    - parameters
    - file enumeration and theft – Demo
    - CSRF on internal systems – Demo?
· Framework default limits/restrictions
· Mitigations
· Lessons learned
· Verifying your XML systems for potential threats

Note:

1. All topics include sample code for both the exploit and its prevention; language (C#, Java, PHP) and platform (Windows/Linux) agnostic wherever possible.

2. It is imperative at this juncture that you are aware of most attack scenarios against XML: the framework defaults may not protect you, so you may be vulnerable and simply not have found it yet.

3. The session is somewhat biased towards DTD abuse in XML systems, because the injection concepts and their remediation are shared between XML injection and SQL injection.
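Note 2 makes the point that a parser's defaults decide whether DTD abuse (entity expansion, external entity access) reaches your code. The following is an added example, not code from the talk or its author: it shows that Python's standard ElementTree expands internal entities out of the box, and then a pre-parse guard built on the standard library's expat bindings that rejects any document declaring a DOCTYPE or entity before a single entity is expanded. The sample documents and the `file:///placeholder/constructed` URI are constructed for the example.

```python
"""Added example: guard untrusted XML against DTD abuse before parsing it."""
import xml.parsers.expat
import xml.etree.ElementTree as ET


class UnsafeXml(ValueError):
    """Raised when a document declares a DTD or entity, or references an external one."""


def reject_dtd(data: bytes) -> bytes:
    """Scan `data` with expat and abort on the first DOCTYPE or ENTITY declaration.

    Returns the unchanged bytes when the document is DTD-free, so the caller can
    hand them to the application's real parser afterwards.
    """
    parser = xml.parsers.expat.ParserCreate()
    # Never read parameter entities, so no external DTD subset is ever fetched.
    parser.SetParamEntityParsing(xml.parsers.expat.XML_PARAM_ENTITY_PARSING_NEVER)

    def on_doctype(name, sysid, pubid, has_internal_subset):
        raise UnsafeXml(f"DOCTYPE {name!r} not allowed (system id {sysid!r})")

    def on_entity(name, is_param, value, base, sysid, pubid, notation):
        # Belt and braces: unreachable once DOCTYPE is refused, kept for defence in depth.
        raise UnsafeXml(f"entity declaration {name!r} not allowed")

    def on_external_ref(context, base, sysid, pubid):
        raise UnsafeXml(f"external entity reference to {sysid!r} not allowed")

    parser.StartDoctypeDeclHandler = on_doctype
    parser.EntityDeclHandler = on_entity
    parser.ExternalEntityRefHandler = on_external_ref
    parser.Parse(data, True)  # exceptions raised in handlers propagate out of Parse()
    return data


def parse_untrusted(data: bytes) -> ET.Element:
    """Parse only after the guard has confirmed there is no DTD in the document."""
    return ET.fromstring(reject_dtd(data))


def default_expansion(data: bytes) -> str:
    """What the unguarded default parser does: internal entities are expanded silently."""
    return ET.fromstring(data).text


def classify(data: bytes) -> str:
    """Convenience wrapper: 'accepted' or 'rejected' verdict for a document."""
    try:
        parse_untrusted(data)
        return "accepted"
    except UnsafeXml:
        return "rejected"


# Constructed sample documents (not taken from the talk).
BENIGN = b"<?xml version='1.0'?><order><id>42</id></order>"

INTERNAL_ENTITY = b"""<?xml version='1.0'?>
<!DOCTYPE d [ <!ENTITY a "aaaa"> ]>
<d>&a;</d>"""

EXTERNAL_ENTITY = b"""<?xml version='1.0'?>
<!DOCTYPE d [ <!ENTITY x SYSTEM "file:///placeholder/constructed"> ]>
<d>&x;</d>"""


if __name__ == "__main__":
    print("default parser expands internal entity to:", default_expansion(INTERNAL_ENTITY))
    for label, doc in [("benign", BENIGN), ("internal", INTERNAL_ENTITY), ("external", EXTERNAL_ENTITY)]:
        print(f"{label:9s} -> {classify(doc)}")
```

The guard runs the document through a second parser pass, which costs CPU on large inputs; the trade-off is that no entity text is ever materialised, so neither the expansion-based denial of service nor the file or URI access paths in the agenda can be reached. The same idea applies to the frameworks the talk covers: disable DTD processing at the parser rather than trusting the default.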