Published on March 19th, 2012 | by NJ Ouchn0
Blackhat Amsterdam 2012 : ToolsTube with Tom Forbes on XCAT – Xpath Injection Tool
The tools exploit xpath injection vulnerability in web applications and support advanced exploitation features. Both Xpath 1.0 and 2.0 are supported. The tool allows extraction of entire XML database by exploiting the XPATH vulnerability in web application frameworks. Some of the advanced features which Xcat supports include:
- True and Error conditions (Blind Injection)
- Extracting Data over Out-of-band channels (HTTP, DNS)
- Abusing the DOC function and reading arbitrary XML files on the system
Tom is a university student who finished his summer internship at 7Safe last year. During the internship Tom worked on several interesting aspects of IT Security. His research paper on Hacking XPATH 2.0 is the only material available on internet on this topic.