Xpath

Merging nodes

by YesWeHack
drag_indicator
info
drag_indicator
inputs
drag_indicator
inspect

Full exfiltration

XPATH also allow you to merge multiples sets of nodes. Use this feature to get full database.

Goal: Get the full database

Hints

Hint #1
expand_more

The merging operator is |

Solution

Read the solution
expand_more

$user = admin $node = a | / |

Explanation

We merge the nonexistent node /db/users/user/address/a with the root node / and the text content of the root node.

If we only did:

$node = a |

We would have only get the text content of the root node instead of the node itself.

drag_indicator
waf
INPUT
OUTPUT
drag_indicator
code
drag_indicator
result