Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

Exploiting blind XXE to retrieve data via error messages

kr4k1 | Last updated: Nov 04, 2020 01:23PM UTC

Hi, I'd like to ask you about a lab. https://portswigger.net/web-security/xxe/blind/lab-xxe-with-data-retrieval-via-error-messages for this exercise, can we use a Collaborator server ? If we can't use the Collaborator, one on our own website can we create an attack level with the same code by creating a .php file? Thank You.

Uthman, PortSwigger Agent | Last updated: Nov 04, 2020 01:56PM UTC

Hi Ersin, The lab does not require the use of the collaborator server. Have you tried completing the lab using the solution provided?

kr4k1 | Last updated: Nov 04, 2020 08:10PM UTC

Hey, thanks for the answer, Uthman, I left out some details.I have successfully completed the lab, but what changes must be made to implement it in a real attack scenario ? can we use a collaborative server ? If we can't use the collaborator, we can create a level of attack with the same code by creating one from our own website .php or udt file?

Uthman, PortSwigger Agent | Last updated: Nov 05, 2020 09:12AM UTC

The method of using a collaborator server would work for out-of-band exfiltration. Unfortunately, I am not a subject expert on this. Have you taken a look at the learning materials on the topic?

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.