bWAPP - XML/Xpath Injection (Search)

bWAPP – XML/Xpath Injection (Search)

In this walk through, we will be going through the XML/Xpath Injection (Search) vulnerability section from bWAPP Labs. We will be exploring and exploiting XML/Xpath Injection in Search parameter and learn how application are affected because of it. So, let’s get started with the Hacking without any delay.

XML/Xpath Injection (Search)

Table of Contents

Security: Low

  • Setting the security level to Low.

Security level Low

  • The application consist of a drop down search functionality where we can search for movies based on their associated category. It issues a GET request to xmli_2.php along with the selected category.

XML/Xpath Injection

Burpsuite intercept

Source code

  • I used the below payload to break the XML query and dump passwords from the heroes.xml file.



XML Injection confirmed

Also Read: bWAPP – Text Files (Accounts)



So, we finally completed all the security levels for the bWAPP XML/Xpath Injection (Search) Vulnerability. We looked into the various ways how application has been set up in various levels and how we can bypass the security controls implemented. Next, we can mitigate the potential XML/Xpath Injection attacks by performing input sanitization and using secure XML parsing libraries. Along with that, we can configure XML parsers securely by disabling unnecessary features and restricting access to sensitive resources. On that note, i will take your leave and will meet you in next one, till then “Keep Hacking”.

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top