Extensible Markup Language (XML) is a language that allows users to create a set of rules to define documents in human and machine-readable format. The most important thing about XML is its simplicity—you do not need to follow rules, you define the rules.
This flexibility has extended the use of XML in web applications, despite the fact that, over the last two years, other technology, such as JSON, is slowly supplanting XML; however, there are a lot of applications using XML today.
We'll cover the following topics in this chapter:
- How XML works
- Detecting and exploiting an XXE
- XXEs in the wild
- Read access to Google
- Facebook XXE with Word
- Wikiloc XXE