Xpath

Schema recovery

drag_indicator

info

drag_indicator

inputs

drag_indicator

inspect

select * from information_schema.xml

Can you exfiltrate the full XML structure with only a blind Xpath injection ?

Goal: find the hidden node starting with `FLAG-`

The format is FLAG-\d+

Hints

Solution

drag_indicator

waf

INPUT

OUTPUT

drag_indicator

code

drag_indicator

result