Blind XPath Injection Attack: A Case Study
Published: 2013
Author(s) Name: Jyoti Lakhani |
Author(s) Affiliation: Assistant Professor, Maharaja Ganga Singh University, Bikaner, Rajasthan, India
Locked
Subscribed
Available for All
Abstract
Extensible Mark-up Language (XML) is adopted by
different organizations as a data exchange format for
web services and internet applications. The XML is
much prone to hackers’ attack. The common hacking
technique for XML is XPath injection. The attacker can
exploit the XPath to manipulate the database. XPath
Injection attack can even bypass the system security
and results can be disastrous. In this communication
Blind XPath code injection problem is being reviewed
using a case study. This article discusses the extent
of the problem and few principals for managing and
solving XML deployment.
Keywords: XML, XPath Injection, Blind XPath Injection
View PDF