webPromedium

Lab 38 — PipelineForge — XXE in XML Pipeline Import

hackadvisor

Task: PipelineForge CI/CD dashboard with XML pipeline import feature on Settings page. Solution: XXE injection via external entity in uploaded XML file, flag at /root/flag.txt exfiltrated through validation error messages.

$ ls tags/ techniques/

lfi file_read java csrf xxe xml honeypot_flag spring cicd pipeline_import

xxe_file_readexternal_entity_injectioncsrf_token_extractionerror_based_exfiltrationanti_bot_honeypot_detection

Analysis

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat.

$ python3 exploit.py --target 192.168.1.1 --port 8080
[*] Connecting to target...
[+] Shell obtained!

Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.

🔒

Permission denied (requires tier.pro)

Sign in to access full writeups

$sign in

$ grep --similar

Similar writeups

[web][Pro]Lab 388 — ModelForge— hackadvisor
[web][Pro]Lab 352 — PipeForge — Content-Type Confusion to Admin JWT Forge to RCE— hackadvisor
[web][Pro]Lab 320 — BuildForge — Path Traversal to RCE via CLI @File Expansion— hackadvisor
[web][Pro]Lab 139 — HireFlow — XXE via XML Application Intake— hackadvisor
[web][Pro]DecisionForge— hackadvisor