259fd19c1b
- Now using Spring Boot for classloading, this way local development does not need to restart the complete server - Fixed all kinds of dependencies on the names of the lessons necessary to keep in mind during the creation of a lesson. - Simplied loading of resources, by adding resource mappings in MvcConfig. - Refactored plugin loading, now only one class is left for loading the lessons.
16 lines
665 B
Plaintext
16 lines
665 B
Plaintext
|
|
|
|
- Describe how the attack works / should be some outpu
|
|
|
|
<p><b>Concept / Topic To Teach:</b> </p>
|
|
This lesson teaches how to perform XML External Entity Attacks.
|
|
<br>
|
|
<div align="Left">
|
|
<p>
|
|
<b>How the attacks works:</b>
|
|
</p>
|
|
An XML External Entity attack is a type of attack against an application that parses XML input.
|
|
This attack occurs when XML input containing a reference to an external entity is processed by a weakly
|
|
configured XML parser. This attack may lead to the disclosure of confidential data, denial of service,
|
|
server side request forgery, port scanning from the perspective of the machine where the parser is located, and other system impacts.
|