Code Monkey home page Code Monkey logo

xcat's Introduction

XCat

Build Status image1 image2 image3 image4

XCat is a command line program that aides in the exploitation of blind XPath injection vulnerabilities. It can be used to retrieve the whole XML document being processed by a vulnerable XPath query, read arbitrary files on the hosts filesystem and utilize out of bound HTTP requests to make the server send data directly to xcat.

XCat is built to exploit boolean XPath injections (Where only one bit of data can be extracted in one request) and it requires you to manually identify the exploit first, this does not do that for you. Check out the docs at http://xcat.readthedocs.org/ for more info.

Install:

pip3 install xcat

Note: This requires Python 3.5 and above to run.

> xcat --help

XCat.

Usage:
    xcat <url> <target_parameter> [<parameters>]... (--true-string=<string> | --true-code=<code>) [--method=<method>]
         [--fast] [--oob-ip=<ip> (--oob-port=<port>)] [--stats] [--concurrency=<val>]
         [--features] [--body] [--cookie=<cookie>] [(--shell | --shellcmd=<cmd>)]
    xcat detectip

Options:
    -s, --shell                 Open the psudo-shell for exploring injections
    -S, --shellcmd=<cmd>        Execute a single shell command.
    -m, --method=<method>       HTTP method to use for requests [default: GET]
    -o, --oob-ip=<ip>           Use this IP for OOB injection attacks
    -p, --oob-port=<port>       Use this port for injection attacks
    -x, --concurrency=<val>     Make this many connections to the target server [default: 10]
    -b, --body                  Send the parameters in the request body as form data. Used with POST requests.
    -c, --cookie=<cookie>       A string that will be sent as the Cookie header
    -f, --fast                  Only fetch the first 15 characters of string values
    -t, --true-string=<string>  Interpret this string in the response body as being a truthful request. Negate with '!'
    -tc, --true-code=<code>     Interpret this status code as being truthful. Negate with '!'
    --stats                     Print statistics at the end of the session

More examples and documentation can be found at http://xcat.readthedocs.org/

Example Application

There is a vulnerable Java web application for testing/demoing available here: https://github.com/orf/xcat_app

xcat's People

Contributors

orf avatar holyvier avatar bitdeli-chef avatar denniskniep avatar

Watchers

Asif baig avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.