Proof of concept for XXE in Ktor (CVE-2023-45612)

# CVE-2023-45612 PoC
This repository contains a proof of concept (PoC) for CVE-2023-45612, which allowed XML external entity (XXE) injection in the default configuration of ContentNegotiation in Ktor.
The PoC is split into two parts:
- `server/`, containing an example of a Ktor server using an affected version of Ktor, with an endpoint susceptible to the attack
- `client/`, containing a Python script that demonstrates using the XXE vulnerability in the example server to achieve local file inclusion (LFI)
## Reproduction steps
Both the server and the client can be started by running `docker compose up` from this repository's root directory. After the server starts (this might take a couple of seconds), the client will automatically perform the attack.

```
[4.0K] /data/pocs/cc1f7619d1537c172b81eb902ca874708bd486fa
├── [4.0K] client
│   ├── [ 162] Dockerfile
│   └── [ 566] poc.py
├── [ 355] docker-compose.yaml
├── [ 700] README.md
└── [4.0K] server
    ├── [4.0K] app
    │   ├── [1.7K] build.gradle.kts
    │   └── [4.0K] src
    │       └── [4.0K] main
    │           └── [4.0K] kotlin
    │               └── [4.0K] org
    │                   └── [4.0K] example
    │                       └── [1.4K] App.kt
    ├── [ 266] Dockerfile
    ├── [4.0K] gradle
    │   ├── [ 483] libs.versions.toml
    │   └── [4.0K] wrapper
    │       ├── [ 43K] gradle-wrapper.jar
    │       └── [ 251] gradle-wrapper.properties
    ├── [ 194] gradle.properties
    ├── [8.5K] gradlew
    ├── [2.9K] gradlew.bat
    └── [ 527] settings.gradle.kts

11 directories, 14 files
```