Chapter 8. XML Attacks
In this chapter, we'll cover some techniques for attacking XML parsers. XML parsers are programs or libraries that take an XML document as input and parse it so that its content can be retrieved in a meaningful and easy way. For those who are unaware, eXtensible Markup Language (XML) is used for data exchange. At a glance, XML syntax looks very similar to HTML, but it is used only for storing data, albeit in a more organized way. By default, an XML document is just a plain text document that does nothing on its own. To make use of XML, we need programs that read the file and do something meaningful based on it, and this is where XML parsers come into the picture. XML is an open standard, is free, and is supported by the World Wide Web Consortium (W3C). Let's now dive deep and go through the various sections of this chapter.
Note
Warning:
A few sections in this chapter contain Denial-of-Service (DoS) techniques; please keep in mind that DoS techniques...