IDENTIFICATION
root@oco:~$ burpsuite
root@oco:~$ BROWSER > FoxyProxy > Burp
root@oco:~$ BURP SUITE > Proxy > Intercept is on
root@oco:~$ BROWSER > {targetSite:port}
input field: submit the expected user input
BURP > Proxy > Intercept > Raw
Request
...
GET /index.php HTTP/1.1
content-type: application/x-www-form-urlencoded
BURP > Proxy > Intercept > Raw > right-click > Send to Repeater
Request
...
GET /index.php?name=< HTTP/1.1
content-type: application/x-www-form-urlencoded
- the presence of an XSLT vulnerability can be checked by inserting a broken XML tag "<"; if the web application responds with a server error, there might be a security issue
- this does not confirm that an XSLT injection vulnerability is present; it only indicates that a security issue might exist
Response
...
HTTP/1.0 500 Internal Server Error
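Why a lone "<" can produce the 500 above, and why the error is only an indicator: an added example, not code from the target application or from this page. It assumes a handler that concatenates the "name" parameter into stylesheet text before parsing it; TEMPLATE, build_unsafe, build_escaped, handle and literal_text are hypothetical names, and all inputs are constructed.

```python
import xml.etree.ElementTree as ET
from xml.sax.saxutils import escape

XSL_NS = "http://www.w3.org/1999/XSL/Transform"

# Constructed stylesheet; the real application's stylesheet is not on the page.
TEMPLATE = (
    '<xsl:stylesheet version="1.0" xmlns:xsl="' + XSL_NS + '">'
    '<xsl:template match="/"><p>Hello {name}</p></xsl:template>'
    '</xsl:stylesheet>'
)

def build_unsafe(name):
    # Weak pattern: raw user input becomes part of the XML markup.
    return TEMPLATE.format(name=name)

def build_escaped(name):
    # Hardened pattern: markup characters are escaped, so input stays text.
    return TEMPLATE.format(name=escape(name))

def handle(name, builder):
    """Return the HTTP status a handler would send for this input."""
    try:
        ET.fromstring(builder(name))
    except ET.ParseError:
        # Malformed stylesheet: this is the 500 seen in Repeater.
        return 500
    return 200

def literal_text(name):
    """Text of the <p> node after escaping: the input, kept as data."""
    root = ET.fromstring(build_escaped(name))
    return root.find("{%s}template/p" % XSL_NS).text

if __name__ == "__main__":
    for value in ("alice", "<", "AT&T"):
        print(repr(value), handle(value, build_unsafe), handle(value, build_escaped))
```

"AT&T" also returns 500 in the unsafe handler, which shows that the error only proves unescaped input reached an XML parser; it does not by itself confirm XSLT injection.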