.

[Article]-Intro to XPath Injection

<<

don

User avatar

Administrator
Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Fri Mar 14, 2008 3:24 pm

[Article]-Intro to XPath Injection

After doing some videos and book reviews, Chris is back to writing articles with a great introduction to yet another security topic. This time it is a little known issue with XML files. Read on and be educated.

Permanent link: [Article]-Intro to XPath Injection


By Chris Gates, CISSP, CPTS, CEH

WTF is XPath Injection?  Data can be stored in a XML file instead of an SQL Database.  To sort through complex XML documents, developers created the XPath language.

http://www.w3.org/TR/xpath

XPath is a query language for XML documents, much like SQL is a query language for databases.  Instead of tables, columns, and rows XML files have nodes in a tree.  And like SQL, XPATH also had the potential for injection issues if queries are not properly sanitized.

Why is XPath Injection so dangerous?

  • XPath 1.0 is a standard language. SQL has many dialects all based on a common, relatively weak syntax.
  • XPath 1.0 allows one to query all items of the database (XML objects). In some SQL dialects, it is impossible to query for some objects of the database using an SQL SELECT query (e.g. MySQL does not provide a table of tables).
  • XPath 1.0 has no access control for the database , while in SQL, some parts of the database may be inaccessible due to lack of privileges to the application.



As always, please send in your feedback,
Don
CISSP, MCSE, CSTA, Security+ SME
<<

don

User avatar

Administrator
Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Thu Apr 17, 2008 4:16 pm

Re: [Article]-Intro to XPath Injection

CISSP, MCSE, CSTA, Security+ SME

Return to Gates

Who is online

Users browsing this forum: No registered users and 0 guests

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software