Ajax Security: XML Injection

Goal: 

Ajax Applications rely on XML exchange information with server. 

Method: 

Using Burp Suite or other proxy tool to perform interception and XML injection attack. 

Step by step Guide

1. Start up Burp suite interception, ensure Interception responses also enabled. To enable Response Interception, goto Proxy=>option


2. Enter ID and Submit 

3. Click forward

4.  and stop at 2nd Response from server.

5. Now you just edit response to add the two new items. 

 

<reward>WebGoat Core Duo Laptop 2000 Pts</reward>

<reward>WebGoat Secure Kettle 3000 Pts</reward>

 

 

HTTP/1.1 200 OK

Server: Apache-Coyote/1.1

Cache-Control: no-cache

Content-Type: text/xml

Date: Wed, 12 Jul 2017 00:02:01 GMT

Connection: close

Content-Length: 136

 

<root>

<reward>WebGoat Mug 20 Pts</reward>

<reward>WebGoat t-shirt 50 Pts</reward>

<reward>WebGoat Secure Kettle 30 Pts</reward>

<reward>WebGoat Core Duo Laptop 2000 Pts</reward>

<reward>WebGoat Secure Kettle 3000 Pts</reward>

</root>

5. Now shown new items in the shopping cart. 

6. Next check the two new items and submit. 

 

Please publish modules in offcanvas position.