XCat v0.5 XPath Injection (Black Hat EU 2012 Edition) Released

XCat is a command line program that aides in the exploitation of XPath injection vulnerabilities. It boasts a wide range of features and can utilize the more advanced features of the XPath 2.0 specification (pattern matching, unicode normilization and even http requests) or gracefully degrade to using XPath 1.0 if they are not available.

XCat is built to exploit boolean XPath injections (Where only one bit of data can be extracted in one request) and it requires you to manually identifiy the exploit first, this does not do that for you.

Features:

Exploits both GET and POST attacks
Extracts all nodes, comments, attributes and data from the entire XML document
Small and lightweight (only dependency is Twisted)
Parallel requests
XPath 2.0 supported (with graceful degrading to 1.0)
Regex pattern matching to reduce character search space
Unicode normalization
Advanced data postback through HTTP (see below)
Arbitrarily read XML files on the servers file system via the doc() function (see below)