Update README.md

qeeqbox · Dec 24, 2022 · 0338ac9 · 0338ac9
1 parent 17788b8
commit 0338ac9
Showing 1 changed file with 2 additions and 15 deletions.
diff --git a/README.md b/README.md
@@ -9,7 +9,7 @@ A threat actor may alter the XML path language (XPath) query to read data on the
 2. The target parses the malicious query (that contains expressions called a locator) and returns data from the database (XML document)
 
 ## Code
-#### Target logic
+#### Target-logic (db)
 ```xml
 <users>
   <user>
@@ -19,26 +19,13 @@ A threat actor may alter the XML path language (XPath) query to read data on the
 </users>
 ```
 
+#### Target-logic
 ```c#
-# Code
 ...
 String xpath_query = "//user[name/text()='" + get("name") + "' And pass/text()='" + get("pass") + "']";
 ...
 ```
 
-#### Target-in
-```
-name: test
-pass: P@ssw0rd!01
-
-//String xpath_query = "//user[name/text()='test' And pass/text()='P@ssw0rd!01']";
-```
-
-#### Target-Out
-```
-Welcome, test!
-```
-
 #### Target-in
 ```
 name: test' or 0=0 or 'a'='a