Latest Change 8/4/2016:
– server.rb: added file overwrite.
– use browser Payload building.
– add blank db
– updated to views
– defcon updates
This tool is meant to help test XXE vulnerabilities in file formats. Currently supported:
– PDF (experimental)
– JPG (experimental)
– GIF (experimental)
* Options Menu
+ Build a File
+ Build PDF/GIF/JPG PoC (Experimental)
+ String Replace in a File
+ XSS/String Entity in File
+ Overwrite file inside DOCX/etc.
+ List Previously Built Files
+ Display OXML Contents
String Replace in File
String replacement mode goes through and looks for the symbol § in the document. The XML Entity (“&xxe;”) replaces any instances of this symbol. Note, you can open the document in and insert § anywhere to have it replaced. The common use case would be a web application which reads in a xlsx and then prints the results to the screen. Exploiting the XXE it would be possible to have the contents printed to the screen.
Usage & Download from git Debian/Ubuntu:
sudo apt-get install libsqlite3-dev libxslt-dev libxml2-dev zlib1g-dev gcc
git clone https://github.com/BuffaloWill/oxml_xxe && cd oxml_xxe
sudo gem install bundler
Open Browser at localhost:4567 (ctrl + C to stop)
git pull origin master