XML XPath Injection Login Form Low Security Level

XML/XPath Injection (Login Form) Solution: Step 1. Enter ' in the login text box and click on the Login button and check the results. (Please follow video for more details). Error: Warning: SimpleXMLElement::xpath(): Invalid predicate in /var/www/html/bWAPP/xmli_1.php on line 78 You can go through the entire code. We will try login with the credentials neo and trinity Lets do a white box testing Login successful You can also test the lesson with logically true statements as below. Step 2. Enter the below code in the login text box -) PseudoTime'or 1=1 or '1'='1 * Instead of PseudoTime you can use your own name or you can simply ignore the prefix Step 3. You can keep the password blank or give password of your choice. We will check with both the conditions: 1. Without password 2. With password (You can enter any value of your choice). * You can test the lesson with other logically true statements. PseudoTime