Finding XXE Bugs With Xmlfuzz

In this tutorial we will show you you how easy it is do discover XXE (XML External Entity) injection vulnerabilities with Xmlfuzz.

Step 1

First you need a XML request that we will test. If you already know the structure you can just type it in. You can also use the Soap tool to load it from Soap UI project file or HTTPView to capture it live.

Screenshot 01

Step 2

Now that the base request is set in place you simply need to press the start button. The test will be in progress and you should be getting results immediately. The two main areas you should be looking at are the transactions view and report screen.

Screenshot 02

Step 3

Xmlfuzz will use a lot of generic data in order to diversify the test. However, notice that some requests have a special DOCTYPE header in the XML body. These are the requests we use to identify XXE vulnerabilities. XXE vulnerabilities will be detected automatically and highlighted in the report. However, you can also investigate generated entries manually.

Screenshot 03

And we are done.