oxml_xxe - A tool for embedding XXE/XML exploits into different filetypes.

oxml_xxe – A tool for embedding XXE/XML exploits into different filetypes.

Latest Change 8/4/2016:
– server.rb: added file overwrite.
– use browser Payload building.
– add blank db
– updated to views
– defcon updates

This tool is meant to help test XXE vulnerabilities in file formats. Currently supported:
– DOCX/XLSX/PPTX
– ODT/ODG/ODP/ODS
– SVG
– XML
– PDF (experimental)
– JPG (experimental)
– GIF (experimental)

* Options Menu
+ Build a File
+ Build PDF/GIF/JPG PoC (Experimental)
+ String Replace in a File
+ XSS/String Entity in File
+ Overwrite file inside DOCX/etc.
+ List Previously Built Files
+ Display OXML Contents

string replace file

string replace file

String Replace in File
String replacement mode goes through and looks for the symbol § in the document. The XML Entity (“&xxe;”) replaces any instances of this symbol. Note, you can open the document in and insert § anywhere to have it replaced. The common use case would be a web application which reads in a xlsx and then prints the results to the screen. Exploiting the XXE it would be possible to have the contents printed to the screen.

Usage & Download from git Debian/Ubuntu:

Source: https://github.com/BuffaloWill | Our Old Post Here