The audience at Black Hat, Las Vegas were recently engaged by an interactive workshop titled ‘The Art of Exploiting Lesser Known Injection Flaws’ presented by 7Safe renowned security researchers Sumit Siddarth and Aleksander Gorkowienko.
The aim of the workshop was to provide an in-depth knowledge of some injection techniques which are not as commonly known as SQL Injection. The following topics were covered in this workshop:
• XPATH Injection
• LDAP Injection
• Hibernate Query Language Injection
• XML Entity Injection
The workshop provided participants with a unique opportunity to gain insightful information, allowing them to master the exploitation techniques and gain an in-depth knowledge of the impact of the vulnerabilities.
Two key tools were released and presented during the session: “LDAP Blind Explorer” and “XPATH Blind Explorer”, which allow quick and easy exploitation of the subsequent injection flaws. For instance, XPATH Blind Explorer allows extracting full XML document from the back system. Watch the videos below for a clear demonstration of how the tools can be used in practice:
LDAP Blind explorer in action:
XPATH Blind Explorer in action: