A command line tool to explore blind XPath injection vulnerabilities
XCat is a command line program that aides in the exploitation of blind XPath injection vulnerabilities. It can be used to retrieve the whole XML document being processed by a vulnerable XPath query, read arbitrary files on the hosts filesystem and utilize out of bound HTTP requests to make the server send data directly to xcat.
Release | Stable | Testing |
---|---|---|
Fedora Rawhide | 1.0.4-14.fc40 | - |
Fedora 40 | 1.0.4-14.fc40 | - |
Fedora 39 | 1.0.4-13.fc39 | - |
Fedora 38 | 1.0.4-11.fc38 | - |
You can contact the maintainers of this package via email at
xcat dash maintainers at fedoraproject dot org
.