BIPI

XXE Attacks: Classic, Blind, Error-Based, and SVG-Based XXE in 2024

Cybersecurity

XML External Entity attacks are alive in SOAP, SAML, Office docs, and SVG uploads. A field guide to detection, exploitation, and remediation.

By Arjun Raghavan, Security & Systems Lead, BIPI · November 17, 2024 · 10 min read

#xxe #xml #pentesting #saml #file-upload

XXE feels retro, yet it shows up every quarter in SAML stacks, document converters, and SVG image processing. Modern parsers ship safe defaults, but legacy libraries and custom DOCTYPE handling keep this class alive.

Where XXE Hides in 2024

  • SAML SSO endpoints accepting attacker-controlled assertions
  • DOCX, XLSX, and PPTX upload features that parse embedded XML
  • SVG avatars and logo uploads rendered server-side
  • SOAP APIs in healthcare and banking middleware
  • RSS and OPML feed importers
  • Legacy Java services using default DocumentBuilderFactory

Classic In-Band XXE

Inject a DOCTYPE with an external entity pointing at file:///etc/passwd, then reference that entity in the body. If the parser echoes content, you read files directly.

Blind XXE With Out-of-Band

When responses are suppressed, use a parameter entity loaded from an attacker DTD. Host a DTD that wraps the target file content into an entity, then triggers a request to your collaborator host with the data embedded.

Error-Based XXE

If the server returns parse errors verbatim, force an error that contains file content. Reference an entity that resolves to a non-existent path constructed from the file body, and the parser will leak the data in the error message.

SVG-Based XXE

  1. Upload an SVG with a DOCTYPE pointing at file:///etc/hostname
  2. Server renders SVG to PNG via ImageMagick or rsvg-convert
  3. If the renderer expands entities, content lands in the rasterized image or alt text
  4. Combine with SSRF by pointing entities at the cloud metadata address
  5. Test PDF generators that accept SVG inputs the same way

SAML and XXE

SAML responses are XML. If signature verification happens after parsing, XXE in the assertion fires before any auth check. CVE-2017-11427 set the pattern and we still see the bug in custom SAML implementations.

XXE in a SAML flow is a pre-authentication file read. Treat any custom SAML library as a priority audit target.

Detection Tips

  • Submit a benign DOCTYPE and watch for DTD fetches on Collaborator
  • Test both UTF-8 and UTF-16 encodings; some filters miss UTF-16
  • Try CDATA wrapping if entities are stripped
  • Use parameter entities when general entities are blocked
  • Probe XInclude as an alternative when DOCTYPE is rejected
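The detection tips above are written from the tester's side; the defender's mirror image is a request or upload screen that does not miss UTF-16 and that logs DOCTYPE, entity, and XInclude use as a signal. The following is an added example, not BIPI's code: decode_xml_bytes, naive_screen, screen_xml and the four sample documents are constructed for this illustration, and the samples follow the DOCTYPE and XInclude shapes the SVG section describes.

```python
"""Encoding-aware screen for XML and SVG payloads before they reach a parser.

Added example, not BIPI's code. It assumes payloads arrive as raw bytes from
an upload or SSO endpoint. All sample documents below are constructed.
"""
import codecs
import re

# Markers worth logging on untrusted XML. These are detection signals for
# triage and alerting, not a replacement for disabling DTD processing in
# the parser itself (a screen can be bypassed; a parser setting cannot).
PATTERNS = {
    "doctype": re.compile(r"<!DOCTYPE", re.IGNORECASE),
    "entity_decl": re.compile(r"<!ENTITY\s", re.IGNORECASE),
    "parameter_entity": re.compile(r"<!ENTITY\s+%", re.IGNORECASE),
    "external_id": re.compile(r"\b(?:SYSTEM|PUBLIC)\b"),
    "xinclude": re.compile(r"http://www\.w3\.org/2001/XInclude"),
}


def decode_xml_bytes(data: bytes) -> str:
    """Decode using the byte-order mark, else sniff the XML declaration.

    A screen that only looks for b"<!DOCTYPE" in the raw bytes misses a
    UTF-16 document, because every ASCII character there is followed (LE)
    or preceded (BE) by a NUL byte.
    """
    if data.startswith(codecs.BOM_UTF8):
        return data[len(codecs.BOM_UTF8):].decode("utf-8", errors="replace")
    if data.startswith(codecs.BOM_UTF16_LE):
        return data[2:].decode("utf-16-le", errors="replace")
    if data.startswith(codecs.BOM_UTF16_BE):
        return data[2:].decode("utf-16-be", errors="replace")
    # No BOM: the first bytes of "<?" reveal UTF-16 without a mark.
    if data[:4] == b"<\x00?\x00":
        return data.decode("utf-16-le", errors="replace")
    if data[:4] == b"\x00<\x00?":
        return data.decode("utf-16-be", errors="replace")
    return data.decode("utf-8", errors="replace")


def naive_screen(data: bytes) -> bool:
    """The byte-only check that misses UTF-16 (kept to show the gap)."""
    return b"<!DOCTYPE" in data


def screen_xml(data: bytes) -> list:
    """Return the names of every marker found, in PATTERNS order."""
    text = decode_xml_bytes(data)
    return [name for name, pattern in PATTERNS.items() if pattern.search(text)]


# Constructed samples: a plain SVG, the same SVG carrying the DOCTYPE the
# SVG section above describes, its UTF-16 form, and an XInclude variant.
CLEAN_SVG = (b'<?xml version="1.0"?>'
             b'<svg xmlns="http://www.w3.org/2000/svg"><rect width="1" height="1"/></svg>')
DOCTYPE_SVG = (b'<?xml version="1.0"?>'
               b'<!DOCTYPE svg [<!ENTITY ext SYSTEM "file:///etc/hostname">]>'
               b'<svg xmlns="http://www.w3.org/2000/svg"><text>&ext;</text></svg>')
DOCTYPE_SVG_UTF16 = codecs.BOM_UTF16_LE + DOCTYPE_SVG.decode("ascii").encode("utf-16-le")
XINCLUDE_SVG = (b'<?xml version="1.0"?>'
                b'<svg xmlns="http://www.w3.org/2000/svg" xmlns:xi="http://www.w3.org/2001/XInclude">'
                b'<xi:include href="file:///etc/hostname" parse="text"/></svg>')

if __name__ == "__main__":
    for label, doc in [("clean", CLEAN_SVG), ("doctype", DOCTYPE_SVG),
                       ("doctype-utf16", DOCTYPE_SVG_UTF16), ("xinclude", XINCLUDE_SVG)]:
        print(f"{label:14s} naive={naive_screen(doc)!s:5s} screen={screen_xml(doc)}")
```

Two caveats when running this in front of a real upload endpoint. First, design tools routinely export SVG with a `<!DOCTYPE svg PUBLIC ...>` line, so the doctype and external_id markers will fire on harmless files; the right response is still to refuse or strip the DOCTYPE, not to whitelist it. Second, a byte screen is a logging and alerting aid; the control that actually closes the bug is the parser configuration in the Remediation list.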

Remediation

  1. Disable DOCTYPE processing on Java DocumentBuilderFactory
  2. In libxml2, do not enable external entity resolution or DTD loading (DTDLOAD), and set NONET so the parser cannot fetch anything over the network
  3. Use defusedxml in Python, never raw xml.etree on untrusted input
  4. Validate file uploads with strict MIME and content sniffing for SVG
  5. Pin and audit XML parser versions; ship deny-by-default config
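The Classic In-Band XXE section describes a DOCTYPE with an external entity being expanded by the parser; steps 1 to 3 above say to switch that processing off. The block below shows what "off" looks like in code, using only the Python standard library's expat binding. It is an added example, not BIPI's code and not defusedxml's code, though it applies the same idea defusedxml does: refuse DOCTYPE, entity declarations, external references, and XInclude inside the parser callbacks, where encoding tricks do not matter. parse_untrusted, check, ForbiddenXML and the sample documents are constructed for this example.

```python
"""Structural rejection of DOCTYPE, entities and XInclude with stdlib expat.

Added example, not BIPI's code and not defusedxml's code, though it applies
the same idea: stop DTD processing inside the parser instead of filtering
bytes. Sample documents are constructed.
"""
import xml.parsers.expat as expat

XINCLUDE_NS = "http://www.w3.org/2001/XInclude"


class ForbiddenXML(ValueError):
    """Raised for any construct we refuse on untrusted input."""


def parse_untrusted(data: bytes) -> dict:
    """Parse XML bytes and return {"root": name, "elements": count}.

    Any DOCTYPE, entity declaration, external entity reference or XInclude
    element aborts the parse. expat decodes the document itself, so UTF-16
    gets the same treatment as UTF-8 with no separate handling.
    Java equivalent: set the Xerces feature
    http://apache.org/xml/features/disallow-doctype-decl to true on the
    DocumentBuilderFactory. libxml2 equivalent: leave NOENT and DTDLOAD off
    and pass NONET.
    """
    parser = expat.ParserCreate(namespace_separator=" ")
    summary = {"root": None, "elements": 0}

    def on_doctype(name, sysid, pubid, has_internal_subset):
        raise ForbiddenXML(f"DOCTYPE not allowed (name={name!r})")

    def on_entity_decl(name, is_param, value, base, sysid, pubid, notation):
        raise ForbiddenXML(f"entity declaration not allowed ({name!r})")

    def on_external_ref(context, base, sysid, pubid):
        raise ForbiddenXML(f"external entity reference not allowed ({sysid!r})")

    def on_start(tag, attrs):
        # With namespace_separator=" " a tag arrives as "uri local" (or just
        # "local" when unqualified). expat never expands XInclude, but a
        # libxml2-based renderer downstream might, so reject it here.
        ns, _, local = tag.rpartition(" ")
        if ns == XINCLUDE_NS:
            raise ForbiddenXML("XInclude not allowed")
        if summary["root"] is None:
            summary["root"] = local
        summary["elements"] += 1

    parser.StartDoctypeDeclHandler = on_doctype
    parser.EntityDeclHandler = on_entity_decl
    parser.ExternalEntityRefHandler = on_external_ref
    parser.StartElementHandler = on_start
    parser.Parse(data, True)  # an exception raised in a handler propagates here
    return summary


def check(data: bytes) -> str:
    """Return "ok", or the reason the document was refused or failed."""
    try:
        parse_untrusted(data)
    except ForbiddenXML as exc:
        return str(exc)
    except expat.ExpatError as exc:
        return f"malformed: {exc}"
    return "ok"


# Constructed samples: a plain SVG, the DOCTYPE form the SVG section above
# describes, the same bytes re-encoded as UTF-16 with a BOM, and an
# XInclude variant with no DOCTYPE at all.
CLEAN_SVG = (b'<?xml version="1.0"?>'
             b'<svg xmlns="http://www.w3.org/2000/svg"><rect width="1" height="1"/></svg>')
DOCTYPE_SVG = (b'<?xml version="1.0"?>'
               b'<!DOCTYPE svg [<!ENTITY ext SYSTEM "file:///etc/hostname">]>'
               b'<svg xmlns="http://www.w3.org/2000/svg"><text>&ext;</text></svg>')
DOCTYPE_SVG_UTF16 = b"\xff\xfe" + DOCTYPE_SVG.decode("ascii").encode("utf-16-le")
XINCLUDE_SVG = (b'<?xml version="1.0"?>'
                b'<svg xmlns="http://www.w3.org/2000/svg" xmlns:xi="http://www.w3.org/2001/XInclude">'
                b'<xi:include href="file:///etc/hostname" parse="text"/></svg>')

if __name__ == "__main__":
    for label, doc in [("clean", CLEAN_SVG), ("doctype", DOCTYPE_SVG),
                       ("doctype-utf16", DOCTYPE_SVG_UTF16), ("xinclude", XINCLUDE_SVG)]:
        print(f"{label:14s} {check(doc)}")
```

The ordering point from the SAML section applies directly: a gate like parse_untrusted has to run on the raw response bytes before anything else touches them, including the signature verifier's own parse, because any parser that sees the DOCTYPE first has already done the damage. The same gate in front of an SVG rasterizer or a DOCX converter turns the upload cases in the list near the top of this post into a refused request rather than a file read.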

  • CVE-2024-23897: Jenkins arg file, XXE-adjacent; study the class
  • 5 min to confirm blind XXE with Collaborator
  • 100% of unconfigured Java XML parsers are vulnerable
