Date Archives

October 2021

A journey from XML External Entity (XXE) to NTLM hashes!

We will start this blog post with an XML External Entity attack. Furthermore, we will discuss how I was able to capture NTLM v2 hashes using responder and evil-ssdp with the help of that XXE vulnerability. XXE Attack: There is a web security vulnerability that allows an attacker to mess with an application’s XML processing….

Read More