Whitepaper: XML Port Scanning - Bypassing Restrictive Perimeter Firewalls

by SIFTJan 01, 2008

The XML port scanning technique described in this paper allows an attacker to utilize an XML parser to execute port scanning of systems behind a restrictive perimeter firewall. While the technique relies on some reasonably specific implementation details in order to be exploitable remotely, it is potentially applicable to any application that accepts XML document inputs. This technique demonstrates the danger that inadequately configured XML parsers can pose to an organization and highlights the inability of traditional network security devices to handle application-level threats.