
Lab: Blind XXE with out-of-band interaction
This lab has a "Check stock" feature that parses XML input but does not display the result.

You can detect the blind XXE vulnerability by triggering out-of-band interactions with an external domain.

To solve the lab, use an external entity to make the XML parser issue a DNS lookup and HTTP request to the public Burp Collaborator server (burpcollaborator.net).
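The mitigation side of this lab, as an added example that is not part of the lab or of PortSwigger's own code: a stock-check parser built on Python's standard library expat bindings that rejects any DOCTYPE or entity declaration before an external entity can be fetched, and refuses to resolve external entity references as a second line of defence. The element names, the placeholder `.invalid` domain and the sample documents are assumptions, not taken from the lab.

```python
# Hardened parser for a "Check stock" style XML endpoint (added example).
# Defence in depth: refuse every DTD up front (no DTD, no entities at all)
# and, if a DTD ever slipped through, never resolve external entities.
import xml.parsers.expat


class UnsafeXMLError(ValueError):
    """Input tried to use DTD/entity features or is malformed."""


def parse_stock_check(data: bytes) -> dict:
    """Parse <stockCheck><productId>..</productId><storeId>..</storeId></stockCheck>
    (element names are an assumption) into {element: text}.
    Any DOCTYPE or entity declaration aborts parsing with UnsafeXMLError."""
    parser = xml.parsers.expat.ParserCreate()
    fields: dict = {}
    open_elements: list = []

    def on_doctype(name, sysid, pubid, has_internal_subset):
        raise UnsafeXMLError("DOCTYPE declarations are not accepted")

    def on_entity_decl(*_):
        raise UnsafeXMLError("entity declarations are not accepted")

    def on_external_entity(context, base, sysid, pubid):
        # Returning 0 makes expat abort instead of fetching sysid, so no
        # DNS lookup or HTTP request can ever be triggered by the document.
        return 0

    def on_start(name, attrs):
        open_elements.append(name)
        fields.setdefault(name, "")

    def on_end(name):
        open_elements.pop()

    def on_chardata(text):
        if open_elements:
            fields[open_elements[-1]] += text

    parser.StartDoctypeDeclHandler = on_doctype
    parser.EntityDeclHandler = on_entity_decl
    parser.ExternalEntityRefHandler = on_external_entity
    parser.StartElementHandler = on_start
    parser.EndElementHandler = on_end
    parser.CharacterDataHandler = on_chardata
    try:
        parser.Parse(data, True)
    except xml.parsers.expat.ExpatError as exc:
        raise UnsafeXMLError(f"malformed XML: {exc}") from exc
    return {k: v.strip() for k, v in fields.items() if v.strip()}
```

A document carrying an external entity (constructed sample, placeholder host `oob.example.invalid`) is rejected at the DOCTYPE, before the parser would have issued any outbound lookup.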