
Episode 76: Match & Replace - HTTP Proxies' Most Underrated Feature

Critical Thinking - Bug Bounty Podcast

CHAPTER

Exploring Parameters in HTTP Requests and XML Exploits

This chapter delves into the format of parameters in HTTP requests, comparing them to scope parameters and discussing testing features across different implementations in libraries and web frameworks. It provides a detailed analysis of an XML External Entity (XXE) exploit on SharePoint by chudyPB, exploring XML parsing functionality and the potential security vulnerabilities in XML reader libraries. The chapter also emphasizes the importance of thorough testing and of exploring various payloads when encountering XXE vulnerabilities, with insights on parameter entities in XML and the dynamic creation of definitions in DOCTYPEs.
