oxml_xxe's People

Contributors

buffalowill, hipotermia, noraj, nytr0gen, phosphore, y-mehta

oxml_xxe's Issues

Update to Current Ruby versions

Hello, any way you could get this updated so it works on newer systems? I'm trying all sorts of stuff to get this working without any luck.

Support more complex string substitution

For now string substitution is handled at the document level. It is necessary to allow string substitutions at the file level.

For example, as a user I would like to be able to substitute an XXE into a string or XML parameter of the "[Content_Types].xml" file.

Open Source XML Parser with known vulnerabilities

Hi, do you know any open source XML parser with known vulnerabilities, which can be hacked by documents created by oxml_xxe?

I was ordered to test the tools that we’re using for testing security in my company.

Thanks in advance!

ruby

ruby server.rb
/usr/local/lib/site_ruby/2.3.0/rubygems/core_ext/kernel_require.rb:55:in `require': cannot load such file -- haml (LoadError)
from /usr/local/lib/site_ruby/2.3.0/rubygems/core_ext/kernel_require.rb:55:in `require'
from server.rb:4:in `<main>'

ruby 2.3.3p222 (2016-11-21) [x86_64-linux-gnu]

Windows Support

Hi,

I haven't tried this on Linux. But I tried to install this on Windows. After installing its required dependencies, it showed the error given below.

Gemfile says to have ruby 2.1.5 but I have 2.1.8, if that information is required.

I have updated that file to use it. https://github.com/exploitprotocol/oxml_xxe/blob/master/Gemfile

If the ruby version is the issue, could you please increase support for other ruby versions.
Thanks

Kali Linux ruby upgrade error

My problem is that

I use Kali Linux and I am trying to use the tool of "beef", however, for this situation firstly I need to upgrade ruby because I see this error 'Ruby version 2.1.5 is no longer supported. Please upgrade to Ruby version 2.2 or later.'

When I check my version of the ruby it is 'ruby 2.1.5p273 (2014-11-13) [i386-linux-gnu]'.

And then I tried respectively

sudo apt-get install ruby2.0

sudo apt-get install ruby-full

apt-get upgrade

apt-get update

But still I could not upgrade it, how can I upgrade, could you help me, please?

Thank you.

Not able to redirect to private IP

Hi

I have done the setup in a remote server and I can't access the 127.0.0.1:4567

I am trying to open the private and public IP with 4567 port but I am not able to get the output.

Please help me with the fix.

Update to modern ruby

The Gemfile currently pins the ruby version to 2.1.5. I wonder if this could be updated to 2.4.x or later?

WARNING: ruby-2.1.5 is past its end of life and is now unsupported.
It no longer receives bug fixes or critical security updates.

Inventory notification

Your tool/software has been inventoried on Rawsec's CyberSecurity Inventory:

What is Rawsec's CyberSecurity Inventory?

An inventory of tools and resources about CyberSecurity. This inventory aims to help people to find everything related to CyberSecurity.

More details about features here.

Note: the inventory is a FLOSS (Free, Libre and Open-Source Software) project.

Why should you care about being inventoried?

Mainly because this is giving visibility to your tool and improves its referencing.

Badges

The badge shows to your community that you are inventoried. It looks good but also shows you care about your project, that your tool is referenced.

Feel free to claim your badge here: http://inventory.rawsec.ml/features.html#badges, it looks like that Rawsec's CyberSecurity Inventory, but there are several styles available.

Want to thank us?

If you want to thank us, you can help make our open project better known by tweeting about it! For example: Twitter URL

So what?

That's all, this message is just to notify you if you care. Else you can close this issue.

Add install instructions.

I can do a pull request and write you some install instructions.

I had to do the following to get the program running:

$ gem install highline

$ gem install zipruby

Installation Issue

root@linux-ptvm-01:~/oxml_xxe# ruby server.rb
/var/lib/gems/2.3.0/gems/rack-2.0.3/lib/rack/show_exceptions.rb:16: warning: already initialized constant Rack::ShowExceptions::CONTEXT
/usr/lib/ruby/vendor_ruby/rack/showexceptions.rb:16: warning: previous definition of CONTEXT was here
/var/lib/gems/2.3.0/gems/rack-2.0.3/lib/rack/show_exceptions.rb:114: warning: already initialized constant Rack::ShowExceptions::TEMPLATE
/usr/lib/ruby/vendor_ruby/rack/showexceptions.rb:115: warning: previous definition of TEMPLATE was here
/usr/lib/ruby/2.3.0/rubygems/specification.rb:2287:in `raise_if_conflicts': Unable to activate dm-serializer-1.2.2, because json-2.1.0 conflicts with json (~> 1.6) (Gem::ConflictError)
from /usr/lib/ruby/2.3.0/rubygems/specification.rb:1408:in `activate'
from /usr/lib/ruby/2.3.0/rubygems/specification.rb:1442:in `block in activate_dependencies'
from /usr/lib/ruby/2.3.0/rubygems/specification.rb:1428:in `each'
from /usr/lib/ruby/2.3.0/rubygems/specification.rb:1428:in `activate_dependencies'
from /usr/lib/ruby/2.3.0/rubygems/specification.rb:1410:in `activate'
from /usr/lib/ruby/2.3.0/rubygems.rb:196:in `rescue in try_activate'
from /usr/lib/ruby/2.3.0/rubygems.rb:193:in `try_activate'
from /usr/lib/ruby/2.3.0/rubygems/core_ext/kernel_require.rb:125:in `rescue in require'
from /usr/lib/ruby/2.3.0/rubygems/core_ext/kernel_require.rb:40:in `require'
from /root/oxml_xxe/model/master.rb:2:in `<top (required)>'
from /usr/lib/ruby/2.3.0/rubygems/core_ext/kernel_require.rb:55:in `require'
from /usr/lib/ruby/2.3.0/rubygems/core_ext/kernel_require.rb:55:in `require'
from server.rb:11:in `<main>'

Docker Image - Error while starting web server - missing gems

When attempting to build and run the latest version of the tool, the docker image builds correctly but is unable to run.

The log output states that it is unable to find the gem dependencies. See below.

λ docker-compose up --build                                                                   0 (01:09.004) < 13:33:55
Building web
[+] Building 0.8s (11/11) FINISHED
 => [internal] load build definition from Dockerfile                                                                0.0s
 => => transferring dockerfile: 366B                                                                                0.0s
 => [internal] load .dockerignore                                                                                   0.0s
 => => transferring context: 2B                                                                                     0.0s
 => [internal] load metadata for docker.io/library/ruby:3.2.2-slim                                                  0.7s
 => [1/6] FROM docker.io/library/ruby:3.2.2-slim@sha256:995aeea8fd8261662d7d9c157ca319ce009c7f99333b3358eb26e84b63  0.0s
 => [internal] load build context                                                                                   0.0s
 => => transferring context: 19.16kB                                                                                0.0s
 => CACHED [2/6] RUN apt-get update &&     apt-get install -y make git libsqlite3-dev libxslt-dev libxml2-dev zlib  0.0s
 => CACHED [3/6] WORKDIR /oxml_xxe                                                                                  0.0s
 => CACHED [4/6] COPY Gemfile ./                                                                                    0.0s
 => CACHED [5/6] RUN bundle install                                                                                 0.0s
 => CACHED [6/6] COPY . .                                                                                           0.0s
 => exporting to image                                                                                              0.0s
 => => exporting layers                                                                                             0.0s
 => => writing image sha256:adb7d84f06b69380dcc7e887c6fe1816a63bcad7925075b32df53cf49757d442                        0.0s
 => => naming to docker.io/library/oxml_xxe_web                                                                     0.0s
Starting oxml_xxe_web_1 ... done
Attaching to oxml_xxe_web_1
web_1  | /usr/local/lib/ruby/3.2.0/bundler/definition.rb:524:in `materialize': Could not find slim-5.1.0, nokogiri-1.14.3-x86_64-linux, sequel-5.68.0, sqlite3-1.6.2-x86_64-linux, temple-0.10.0, tilt-2.1.0, thor-1.2.1 in locally installed gems (Bundler::GemNotFound)
web_1  |        from /usr/local/lib/ruby/3.2.0/bundler/definition.rb:197:in `specs'
web_1  |        from /usr/local/lib/ruby/3.2.0/bundler/definition.rb:254:in `specs_for'
web_1  |        from /usr/local/lib/ruby/3.2.0/bundler/runtime.rb:18:in `setup'
web_1  |        from /usr/local/lib/ruby/3.2.0/bundler.rb:171:in `setup'
web_1  |        from /usr/local/lib/ruby/3.2.0/bundler/setup.rb:23:in `block in <top (required)>'
web_1  |        from /usr/local/lib/ruby/3.2.0/bundler/ui/shell.rb:159:in `with_level'
web_1  |        from /usr/local/lib/ruby/3.2.0/bundler/ui/shell.rb:111:in `silence'
web_1  |        from /usr/local/lib/ruby/3.2.0/bundler/setup.rb:23:in `<top (required)>'
web_1  |        from <internal:/usr/local/lib/ruby/3.2.0/rubygems/core_ext/kernel_require.rb>:85:in `require'
web_1  |        from <internal:/usr/local/lib/ruby/3.2.0/rubygems/core_ext/kernel_require.rb>:85:in `require'
web_1  |        from /usr/local/lib/ruby/3.2.0/rubygems.rb:1370:in `<top (required)>'
web_1  |        from <internal:gem_prelude>:2:in `require'
web_1  |        from <internal:gem_prelude>:2:in `<internal:gem_prelude>'
oxml_xxe_web_1 exited with code 1

non-menu driven version

"as a user I would like to have a CLI version of oxml_xxe. sometimes using the menu is more than I need"

This would likely involve moving some of the methods into a helper file, each version could pull from this.

Gemfile outdated

The Gemfile uses ruby 2.3.5 but this version is old and it is not possible to build it easily anymore on modern distros. I tried building 2.3.5 and 2.3.8 with rbenv and it fails.

I tried to install dependencies with ruby 2.6.2 but in the gemfile some versions were not fixed:

gem 'sinatra', '1.4.8'
gem 'haml'
gem 'rubyzip'
gem 'json','1.8.6' 
gem 'nokogiri'
gem 'data_mapper', '1.2.0'
gem 'dm-sqlite-adapter', '1.2.0'

So breaking changes happened between 2017 and 2019 for some of them.

$ ruby server.rb                                                                                                                                                                                
Traceback (most recent call last):                                                                                                                                                              
        5: from server.rb:11:in `<main>'                                                                                                                                                        
        4: from /home/noraj/.rbenv/versions/2.6.2/lib/ruby/2.6.0/rubygems/core_ext/kernel_require.rb:54:in `require'                                                                            
        3: from /home/noraj/.rbenv/versions/2.6.2/lib/ruby/2.6.0/rubygems/core_ext/kernel_require.rb:54:in `require'                                                                            
        2: from /home/noraj/Tools/oxml_xxe/model/master.rb:2:in `<top (required)>'                                                                                                              
        1: from /home/noraj/.rbenv/versions/2.6.2/lib/ruby/2.6.0/rubygems/core_ext/kernel_require.rb:54:in `require'                                                                            
/home/noraj/.rbenv/versions/2.6.2/lib/ruby/2.6.0/rubygems/core_ext/kernel_require.rb:54:in `require': cannot load such file -- data_mapper (LoadError)                                          
        12: from server.rb:11:in `<main>'                                                                                                                                                       
        11: from /home/noraj/.rbenv/versions/2.6.2/lib/ruby/2.6.0/rubygems/core_ext/kernel_require.rb:54:in `require'                                                                           
        10: from /home/noraj/.rbenv/versions/2.6.2/lib/ruby/2.6.0/rubygems/core_ext/kernel_require.rb:54:in `require'                                                                           
         9: from /home/noraj/Tools/oxml_xxe/model/master.rb:2:in `<top (required)>'                                                                                                             
         8: from /home/noraj/.rbenv/versions/2.6.2/lib/ruby/2.6.0/rubygems/core_ext/kernel_require.rb:34:in `require'                                                                           
         7: from /home/noraj/.rbenv/versions/2.6.2/lib/ruby/2.6.0/rubygems/core_ext/kernel_require.rb:123:in `rescue in require'                                                                
         6: from /home/noraj/.rbenv/versions/2.6.2/lib/ruby/2.6.0/rubygems.rb:217:in `try_activate'                                                                                             
         5: from /home/noraj/.rbenv/versions/2.6.2/lib/ruby/2.6.0/rubygems/specification.rb:1420:in `activate'
         4: from /home/noraj/.rbenv/versions/2.6.2/lib/ruby/2.6.0/rubygems/specification.rb:1438:in `activate_dependencies'
         3: from /home/noraj/.rbenv/versions/2.6.2/lib/ruby/2.6.0/rubygems/specification.rb:1438:in `each'
         2: from /home/noraj/.rbenv/versions/2.6.2/lib/ruby/2.6.0/rubygems/specification.rb:1452:in `block in activate_dependencies'
         1: from /home/noraj/.rbenv/versions/2.6.2/lib/ruby/2.6.0/rubygems/specification.rb:1418:in `activate'
/home/noraj/.rbenv/versions/2.6.2/lib/ruby/2.6.0/rubygems/specification.rb:2302:in `raise_if_conflicts': Unable to activate dm-serializer-1.2.2, because json-2.1.0 conflicts with json (~> 1.6)
 (Gem::ConflictError)                           
        13: from server.rb:11:in `<main>'       
        12: from /home/noraj/.rbenv/versions/2.6.2/lib/ruby/2.6.0/rubygems/core_ext/kernel_require.rb:54:in `require'
        11: from /home/noraj/.rbenv/versions/2.6.2/lib/ruby/2.6.0/rubygems/core_ext/kernel_require.rb:54:in `require'
        10: from /home/noraj/Tools/oxml_xxe/model/master.rb:2:in `<top (required)>'             
         9: from /home/noraj/.rbenv/versions/2.6.2/lib/ruby/2.6.0/rubygems/core_ext/kernel_require.rb:34:in `require'
         8: from /home/noraj/.rbenv/versions/2.6.2/lib/ruby/2.6.0/rubygems/core_ext/kernel_require.rb:123:in `rescue in require'
         7: from /home/noraj/.rbenv/versions/2.6.2/lib/ruby/2.6.0/rubygems.rb:216:in `try_activate'
         6: from /home/noraj/.rbenv/versions/2.6.2/lib/ruby/2.6.0/rubygems.rb:223:in `rescue in try_activate'
         5: from /home/noraj/.rbenv/versions/2.6.2/lib/ruby/2.6.0/rubygems/specification.rb:1420:in `activate'
         4: from /home/noraj/.rbenv/versions/2.6.2/lib/ruby/2.6.0/rubygems/specification.rb:1438:in `activate_dependencies'
         3: from /home/noraj/.rbenv/versions/2.6.2/lib/ruby/2.6.0/rubygems/specification.rb:1438:in `each'
         2: from /home/noraj/.rbenv/versions/2.6.2/lib/ruby/2.6.0/rubygems/specification.rb:1452:in `block in activate_dependencies'
         1: from /home/noraj/.rbenv/versions/2.6.2/lib/ruby/2.6.0/rubygems/specification.rb:1418:in `activate'
/home/noraj/.rbenv/versions/2.6.2/lib/ruby/2.6.0/rubygems/specification.rb:2302:in `raise_if_conflicts': Unable to activate dm-serializer-1.2.2, because json-2.1.0 conflicts with json (~> 1.6)
 (Gem::ConflictError)

So if you can update dependencies and test with a 2.6.x ruby.

Add official dockerfile+build

It would be great if there was an official dockerfile and automated build on dockerhub.

I can see some previous work on https://github.com/nahidupa/oxml_xxe/blob/master/Dockerfile by @nahidupa , but it appears that hasn't been pushed to dockerhub:

I've started work on my own, which may evolve over time into a more compact alpine linux container, assuming it runs properly there:

Ideally it would be awesome to see this built against alpine linux.

6th argument in insert_payload_docx VS server.rb

Hello,

Firstly, many thanks for your tool. I have to use it tomorrow for a pentest :)

Just I saw you added a 6th argument in "insert_payload_docx" function (line 82 in util.rb)
# overridden method for replacing entire xml files
def insert_payload_docx(ffile,name,payloadx,ip,exfil,bool_replace_xml)

So we are getting an error in server.rb which calls the function with only 5 arguments.
I think a cosmetic fix is required ;-) (,false)

Thank you,
Nicolas

Error

$ ruby server.rb 
/usr/lib/ruby/2.3.0/rubygems/core_ext/kernel_require.rb:55:in `require': cannot load such file -- haml (LoadError)
	from /usr/lib/ruby/2.3.0/rubygems/core_ext/kernel_require.rb:55:in `require'
	from server.rb:4:in `<main>'

Whats the problem here?
