Top Rating
- Top Contributors
  Discover the Top Open Source contributors by country or by language
- Interviews
  Discover real stories from Open Source developers
Discover

Discover your Favorite Language
Discover the top trending repositories and projects on Github. Explore the latest trends in your preferred languages.

Julia

R

MATLAB

Solidity

Haskell

F#

Nix

Dart

More Languages
Awesome

Awesome repositories
Discover the most awesome repositories and projects of your favorite languages. Inspired by the Awesome-* lists trend in GitHub.

Lua

Groovy

F#

Go

Crystal

Racket

Swift

Kotlin

More Languages
By Country

Rankings by Country
Discover the community of talented open source contributors in each country.

🇱🇨 Saint Lucia

🇨🇳 China

🇶🇦 Qatar

🇲🇻 Maldives

🇸🇱 Sierra Leone

🇲🇬 Madagascar

🇹🇭 Thailand

🇧🇸 The Bahamas

All Countries Compare Countries

AonCyberLabs/xxe-recursive-download

Stars
228
Rank 175,267 (Top 4 %)
Language
Python
License
GNU General Publi...
Created over 9 years ago
Updated almost 9 years ago

AonCyberLabs/xxe-recursive-download

AonCyberLabs

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Description

This tool exploits XXE to retrieve files from a target server. It obtains directory listings and recursively downloads file contents.

Usage:

The script has to be slightly modified to work with different web sites / web services:

Set HOST and URL according to your target
Change the XML data and the URL of your evil.dtd in the REQUEST_BODY
Modify the _parse_response() method to parse the file content from the response.
For https: Change the _issue_request method to use HTTPSConnection.

Also, make sure you make the DTD evil.dtd available to the server: python -m SimpleHTTPServer 5678

python xxeclient.py -h
usage: xxeclient.py [-h] path [path ...]

Retrieves files via XXE

positional arguments:
  path        path(s) to the retrieve (e.g. /etc/)

optional arguments:
  -h, --help  show this help message and exit

Vulnerable Example Web Service

The files in xxe-example/ contain a sample vulnerable RESTful web service written in Java using Jersey (inspired by [1]).

To compile and run it using maven run: mvn jetty:run

Debugging:

The JSON and XML files in sample-payloads/ can be used to debug the web service with curl:

curl -v -H "Content-Type:application/json" --upload-file initial.json http://localhost:8080/api/user
curl -v -H "Content-Type:application/xml" --upload-file cdata.xml http://localhost:8080/api/user

[1] https://github.com/rgerganov/xxe-example

Windows-Exploit-Suggester

This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on the target. It also notifies the user if there are public exploits and Metasploit modules available for the missing bulletins.

PadBuster

Automated script for performing Padding Oracle attacks

Docker-Secure-Deployment-Guidelines

Deployment checklist for securely deploying Docker

EvilAbigail

Automated Linux evil maid attack

Cexigua

Linux based inter-process code injection without ptrace(2)

SSH-Weak-DH

D-Modem

A software SIP modem

Nmap-Scripts

Fizzer

Fizzer is an assessment tool for fuzzing FIX messages.

mbedtls-fuzz

BadSamba

This module is used to exploit startup script execution through Windows Group Policy settings when configured to run off of a remote SMB share.

MAM-Security-Checklist

Checklist intended to be used as a baseline for assessing, designing, and testing the security of a MAM (Application Wrapping) solution

BlazorTrafficProcessor

DUALITY

FastInfoset-Burp-Plugin

Burp plugin to convert fast infoset (FI) to/from the text-based XML document format allowing easy editing

LowDLL

aon-password-research