Abusing XSLT for Practical Attacks

by Fernando Arnaboldi Sept. 18, 2017 via Black Hat submitted by belen_caty

XSLT can be leveraged to affect the integrity of arithmetic operations, lead to code logic failure, or cause random values to use the same initialization vector. Error disclosure has always provided valuable information, but thanks to XSLT, it is possible to partially read system files that could disclose service or system's passwords. Finally, XSLT can be used to compromise end-user confidentiality by abusing the same-origin policy concept present in web browsers. This presentation includes proof-of-concept attacks demonstrating XSLTs potential to affect production systems, along with recommendations for safe development.


Steven Ulm 1 month ago

Well written Fernando! your presentation is short on on the point! found the proof-of-concepts attacks part extremely interesting. Thank you for sharing!