A mirror of the Gitlab repo: https://gitlab.com/exploit-database/exploitdb
Find a file
Offensive Security 8290029acb DB: 2017-02-03
12 new exploits

Microsoft Windows 2000 - RPC DCOM Interface Denial of Service
Microsoft Windows Server 2000 - RPC DCOM Interface Denial of Service

Microsoft Windows 2003/XP - Samba Share Resource Exhaustion Exploit
Microsoft Windows Server 2003/XP - Samba Share Resource Exhaustion Exploit

Microsoft Windows 2000/XP - TCP Connection Reset Remote Attack Tool
Microsoft Windows Server 2000/XP - TCP Connection Reset Remote Attack Tool

Microsoft Windows 2003/XP - Remote Denial of Service
Microsoft Windows Server 2003/XP - Remote Denial of Service

Microsoft Windows 2003/XP - IPv6 Remote Denial of Service
Microsoft Windows Server 2003/XP - IPv6 Remote Denial of Service

Microsoft Windows 2000 - UPNP (getdevicelist) Memory Leak Denial of Service
Microsoft Windows Server 2000 - UPNP (getdevicelist) Memory Leak Denial of Service

Microsoft Windows 2003 - '.EOT' Blue Screen of Death Crash
Microsoft Windows Server 2003 - '.EOT' Blue Screen of Death Crash

Microsoft Windows 2000 < 2008 - Embedded OpenType Font Engine Remote Code Execution (MS09-065) (Metasploit)
Microsoft Windows Server 2000 < 2008 - Embedded OpenType Font Engine Remote Code Execution (MS09-065) (Metasploit)

Microsoft Windows 7/2008R2 - SMB Client Trans2 Stack Overflow (MS10-020) (PoC)
Microsoft Windows 7/2008 R2 - SMB Client Trans2 Stack Overflow (MS10-020) (PoC)
Microsoft Windows 2000/XP/2003 - 'win32k.sys' SfnLOGONNOTIFY Local kernel Denial of Service
Microsoft Windows 2000/XP/2003 - 'win32k.sys' SfnINSTRING Local kernel Denial of Service
Microsoft Windows Server 2000/2003/XP - 'win32k.sys' SfnLOGONNOTIFY Local kernel Denial of Service
Microsoft Windows Server 2000/2003/XP - 'win32k.sys' SfnINSTRING Local kernel Denial of Service

Microsoft Windows 2003 - AD Unauthenticated BROWSER ELECTION Remote Heap Overflow
Microsoft Windows Server 2003 - AD Unauthenticated BROWSER ELECTION Remote Heap Overflow

Microsoft Windows 2000/95/98/ME/NT 3.5.x/Enterprise Server 4.0/Terminal Server 4.0/Workstation 4.0 Microsoft DoS Device Name - Denial of Service
Microsoft Windows Server 2000/95/98/ME/NT 3.5.x/Enterprise Server 4.0/Terminal Server 4.0/Workstation 4.0 Microsoft DoS Device Name - Denial of Service

NT 4.0 / Windows 2000 - TCP/IP Printing Service Denial of Service
Microsoft Windows Server 2000/NT 4.0 - TCP/IP Printing Service Denial of Service

Microsoft Windows 2000 - Telnet Server Denial of Service
Microsoft Windows Server 2000 - Telnet Server Denial of Service

Microsoft Windows 2000 - Telnet 'Username' Denial of Service
Microsoft Windows Server 2000 - Telnet 'Username' Denial of Service

Microsoft Windows 2000 - RunAs Service Denial of Service
Microsoft Windows Server 2000 - RunAs Service Denial of Service

Microsoft Windows 2000/NT - Terminal Server Service RDP Denial of Service
Microsoft Windows Server 2000/NT - Terminal Server Service RDP Denial of Service

Microsoft Windows 2000/XP - GDI Denial of Service
Microsoft Windows Server 2000/XP - GDI Denial of Service
Microsoft Windows 2000 - Internet Key Exchange Denial of Service (1)
Microsoft Windows 2000 - Internet Key Exchange Denial of Service (2)
Microsoft Windows Server 2000 - Internet Key Exchange Denial of Service (1)
Microsoft Windows Server 2000 - Internet Key Exchange Denial of Service (2)
Microsoft Windows 2000/NT 4 - TCP Stack Denial of Service (1)
Microsoft Windows 2000/NT 4 - TCP Stack Denial of Service (2)
Microsoft Windows Server 2000/NT 4 - TCP Stack Denial of Service (1)
Microsoft Windows Server 2000/NT 4 - TCP Stack Denial of Service (2)
Microsoft Windows 2000 - Lanman Denial of Service (1)
Microsoft Windows 2000 - Lanman Denial of Service (2)
Microsoft Windows Server 2000 - Lanman Denial of Service (1)
Microsoft Windows Server 2000 - Lanman Denial of Service (2)
Microsoft Windows 2000/NT 4/XP - Network Share Provider SMB Request Buffer Overflow (1)
Microsoft Windows 2000/NT 4/XP - Network Share Provider SMB Request Buffer Overflow (2)
Microsoft Windows Server 2000/NT 4/XP - Network Share Provider SMB Request Buffer Overflow (1)
Microsoft Windows Server 2000/NT 4/XP - Network Share Provider SMB Request Buffer Overflow (2)

Microsoft Windows 2000/2003/XP - Graphical Device Interface Library Denial of Service
Microsoft Windows Server 2000/2003/XP - Graphical Device Interface Library Denial of Service

Microsoft Windows 2000/XP - Internet Protocol Validation Remote Code Execution (1)
Microsoft Windows Server 2000/XP - Internet Protocol Validation Remote Code Execution (1)

Microsoft Windows 2000/2003/XP - MSDTC TIP Denial of Service (MS05-051)
Microsoft Windows Server 2000/2003/XP - MSDTC TIP Denial of Service (MS05-051)

Microsoft Windows 2000/2003/XP - CreateRemoteThread Local Denial of Service
Microsoft Windows Server 2000/2003/XP - CreateRemoteThread Local Denial of Service

Microsoft Windows 2000/XP - Registry Access Local Denial of Service
Microsoft Windows Server 2000/XP - Registry Access Local Denial of Service

Microsoft Windows 2000 - Multiple COM Object Instantiation Code Execution Vulnerabilities
Microsoft Windows Server 2000 - Multiple COM Object Instantiation Code Execution Vulnerabilities

Microsoft Windows XP/2003 - Explorer .WMF File Handling Denial of Service
Microsoft Windows Server 2003/XP - Explorer .WMF File Handling Denial of Service

Microsoft Windows 2003/Vista - 'UnhookWindowsHookEx' Local Denial of Service
Microsoft Windows Server 2003/Vista - 'UnhookWindowsHookEx' Local Denial of Service
Microsoft Windows 10 - SMBv3 Tree Connect (PoC)
Google Android - 'rkp_set_init_page_ro' RKP Memory Corruption
Microsoft Windows 2003 - Token Kidnapping Local Exploit (PoC)
Microsoft Windows 2003/XP - 'afd.sys' Privilege Escalation (K-plugin) (MS08-066)
Microsoft Windows Server 2003 - Token Kidnapping Local Exploit (PoC)
Microsoft Windows Server 2003/XP - 'afd.sys' Privilege Escalation (K-plugin) (MS08-066)

Microsoft Windows NT/2000/XP/2003/Vista/2008/7 - User Mode to Ring Escalation (KiTrap0D) (MS10-015)
Microsoft Windows NT/2000/2003/2008/XP/Vista/7 - User Mode to Ring Escalation (KiTrap0D) (MS10-015)

Microsoft Windows XP/2003 - 'afd.sys' Privilege Escalation (MS11-080)
Microsoft Windows Server 2003/XP - 'afd.sys' Privilege Escalation (MS11-080)

Microsoft Windows 2000/95/98/NT 4.0 - Long Filename Extension
Microsoft Windows Server 2000/95/98/NT 4.0 - Long Filename Extension

Microsoft Windows 2000 - Named Pipes Predictability
Microsoft Windows Server 2000 - Named Pipes Predictability

Microsoft Windows 2000 - Still Image Service Privilege Escalation
Microsoft Windows Server 2000 - Still Image Service Privilege Escalation

Microsoft Windows 2000/NT 4 - DLL Search Path
Microsoft Windows Server 2000/NT 4 - DLL Search Path

Microsoft Windows 2000 - Debug Registers
Microsoft Windows Server 2000 - Debug Registers

Microsoft Windows 2000 - RunAs Service Named Pipe Hijacking
Microsoft Windows Server 2000 - RunAs Service Named Pipe Hijacking

Microsoft Windows 2000/NT 4 - NTFS File Hiding
Microsoft Windows Server 2000/NT 4 - NTFS File Hiding

Microsoft Windows 2000 / NT 4.0 - Process Handle Local Privilege Elevation
Microsoft Windows Server 2000/NT 4.0 - Process Handle Local Privilege Elevation
Microsoft Windows 2000/NT 4/XP - Window Message Subsystem Design Error (1)
Microsoft Windows 2000/NT 4/XP - Window Message Subsystem Design Error (2)
Microsoft Windows 2000/NT 4/XP - Window Message Subsystem Design Error (3)
Microsoft Windows 2000/NT 4/XP - Window Message Subsystem Design Error (4)
Microsoft Windows 2000/NT 4/XP - Window Message Subsystem Design Error (5)
Microsoft Windows 2000/NT 4/XP - Window Message Subsystem Design Error (6)
Microsoft Windows 2000/NT 4/XP - Window Message Subsystem Design Error (7)
Microsoft Windows 2000/NT 4/XP - Window Message Subsystem Design Error (8)
Microsoft Windows Server 2000/NT 4/XP - Window Message Subsystem Design Error (1)
Microsoft Windows Server 2000/NT 4/XP - Window Message Subsystem Design Error (2)
Microsoft Windows Server 2000/NT 4/XP - Window Message Subsystem Design Error (3)
Microsoft Windows Server 2000/NT 4/XP - Window Message Subsystem Design Error (4)
Microsoft Windows Server 2000/NT 4/XP - Window Message Subsystem Design Error (5)
Microsoft Windows Server 2000/NT 4/XP - Window Message Subsystem Design Error (6)
Microsoft Windows Server 2000/NT 4/XP - Window Message Subsystem Design Error (7)
Microsoft Windows Server 2000/NT 4/XP - Window Message Subsystem Design Error (8)
Microsoft Windows 2000/XP/NT 4 - NetDDE Privilege Escalation (1)
Microsoft Windows 2000/XP/NT 4 - NetDDE Privilege Escalation (2)
Microsoft Windows Server 2000/NT 4/XP - NetDDE Privilege Escalation (1)
Microsoft Windows Server 2000/NT 4/XP - NetDDE Privilege Escalation (2)

Microsoft Windows 2000 - Help Facility .CNT File :Link Buffer Overflow
Microsoft Windows Server 2000 - Help Facility .CNT File :Link Buffer Overflow

Microsoft Windows 2000 - RegEdit.exe Registry Key Value Buffer Overflow
Microsoft Windows Server 2000 - RegEdit.exe Registry Key Value Buffer Overflow
Microsoft Windows 2000 - CreateFile API Named Pipe Privilege Escalation (1)
Microsoft Windows 2000 - CreateFile API Named Pipe Privilege Escalation (2)
Microsoft Windows Server 2000 - CreateFile API Named Pipe Privilege Escalation (1)
Microsoft Windows Server 2000 - CreateFile API Named Pipe Privilege Escalation (2)

Microsoft Windows 2000/NT 4 - Local Descriptor Table Privilege Escalation (MS04-011)
Microsoft Windows Server 2000/NT 4 - Local Descriptor Table Privilege Escalation (MS04-011)

Microsoft Windows 2000/NT 4 - POSIX Subsystem Buffer Overflow Privilege Escalation (MS04-020)
Microsoft Windows Server 2000/NT 4 - POSIX Subsystem Buffer Overflow Privilege Escalation (MS04-020)

Microsoft Windows NT/2000/XP/2003/Vista/2008/7/8 - Local Ring Exploit (EPATHOBJ)
Microsoft Windows NT/2000/2003/2008/XP/Vista/7/8 - Local Ring Exploit (EPATHOBJ)

Microsoft Windows 2000/2003/XP - Keyboard Event Privilege Escalation
Microsoft Windows Server 2000/2003/XP - Keyboard Event Privilege Escalation

Microsoft Windows 2003/XP - ReadDirectoryChangesW Information Disclosure
Microsoft Windows Server 2003/XP - ReadDirectoryChangesW Information Disclosure
Microsoft Windows XP/2003/Vista/2008 - WMI Service Isolation Privilege Escalation
Microsoft Windows XP/2003 - RPCSS Service Isolation Privilege Escalation
Microsoft Windows Server 2003/2008/XP/Vista - WMI Service Isolation Privilege Escalation
Microsoft Windows Server 2003/XP - RPCSS Service Isolation Privilege Escalation

Microsoft Windows 2000/XP/2003 - Desktop Wall Paper System Parameter Privilege Escalation
Microsoft Windows Server 2000/2003/XP - Desktop Wall Paper System Parameter Privilege Escalation

Microsoft Windows 2000/XP/2003/Vista - Double-Free Memory Corruption Privilege Escalation
Microsoft Windows Server 2000/2003/XP/Vista - Double-Free Memory Corruption Privilege Escalation

Ghostscript 9.20 - 'Filename' Command Execution

Microsoft Windows 2000 - RSVP Server Authority Hijacking (PoC)
Microsoft Windows Server 2000 - RSVP Server Authority Hijacking (PoC)

Microsoft Windows 2000/XP - RPC Remote (Non Exec Memory) Exploit
Microsoft Windows Server 2000/XP - RPC Remote (Non Exec Memory) Exploit
Microsoft Windows 2000 SP1/SP2 - isapi .printer Extension Overflow (1)
Microsoft Windows 2000 SP1/SP2 - isapi .printer Extension Overflow (2)
Microsoft Windows Server 2000 SP1/SP2 - isapi .printer Extension Overflow (1)
Microsoft Windows Server 2000 SP1/SP2 - isapi .printer Extension Overflow (2)

Microsoft Windows 2000 - WINS Remote Code Execution
Microsoft Windows Server 2000 - WINS Remote Code Execution

Microsoft Windows XP/2003 - Metafile Escape() Code Execution (Metasploit)
Microsoft Windows Server 2003/XP - Metafile Escape() Code Execution (Metasploit)
WarFTP 1.65 (Windows 2000 SP4) - (USER) Remote Buffer Overflow (Python)
WarFTP 1.65 (Windows 2000 SP4) - (USER) Remote Buffer Overflow (Perl)
WarFTP 1.65 (Windows 2000 SP4) - 'USER' Remote Buffer Overflow (Python)
WarFTP 1.65 (Windows 2000 SP4) - 'USER' Remote Buffer Overflow (Perl)

Microsoft Windows 2000 SP4 - DNS RPC Remote Buffer Overflow
Microsoft Windows Server 2000 SP4 - DNS RPC Remote Buffer Overflow

Microsoft IIS 5.0/6.0 FTP Server - Remote Stack Overflow (Windows 2000)
Microsoft IIS 5.0/6.0 FTP Server (Windows 2000) - Remote Stack Overflow

Microsoft Windows XP/2003/Vista - Metafile Escape() SetAbortProc Code Execution (MS06-001) (Metasploit)
Microsoft Windows Server 2003/XP/Vista - Metafile Escape() SetAbortProc Code Execution (MS06-001) (Metasploit)

Microsoft Internet Explorer 5 (Windows 2000/95/98/NT 4) - XML HTTP Redirect
Microsoft Internet Explorer 5 (Windows 95/98/2000/NT 4) - XML HTTP Redirect

Microsoft Index Server 2.0 / Indexing Services (Windows 2000) - Directory Traversal
Microsoft Index Server 2.0 / Indexing Service (Windows 2000) - Directory Traversal

Cat Soft Serv-U FTP Server 2.5/a/b (Windows 2000/95/98/NT 4.0) - Shortcut Exploit
Cat Soft Serv-U FTP Server 2.5/a/b (Windows 95/98/2000/NT 4.0) - Shortcut Exploit

Microsoft Windows 2000 - Remote CPU-overload
Microsoft Windows Server 2000 - Remote CPU-overload

Microsoft Windows 2000 - telnet.exe NTLM Authentication
Microsoft Windows Server 2000 - telnet.exe NTLM Authentication

Microsoft Indexing Services (Windows 2000/NT 4.0) - '.htw' Cross-Site Scripting
Microsoft Indexing Service (Windows 2000/NT 4.0) - '.htw' Cross-Site Scripting

Microsoft Indexing Services (Windows 2000) - File Verification
Microsoft Indexing Service (Windows 2000) - File Verification
SurfControl SuperScout WebFilter for windows 2000 - File Disclosure
SurfControl SuperScout WebFilter for windows 2000 - SQL Injection
Microsoft Windows 2000/XP/NT 4 - Help Facility ActiveX Control Buffer Overflow
SurfControl SuperScout WebFilter for Windows 2000 - File Disclosure
SurfControl SuperScout WebFilter for Windows 2000 - SQL Injection
Microsoft Windows Server 2000/NT 4/XP - Help Facility ActiveX Control Buffer Overflow

Microsoft Windows 2000 - Active Directory Remote Stack Overflow
Microsoft Windows Server 2000 - Active Directory Remote Stack Overflow

Microsoft Windows 2000/NT 4 Media Services - 'nsiislog.dll' Remote Buffer Overflow
Microsoft Windows Server 2000/NT 4 Media Services - 'nsiislog.dll' Remote Buffer Overflow

Microsoft Windows 2000 - Subnet Bandwidth Manager RSVP Server Authority Hijacking
Microsoft Windows Server 2000 - Subnet Bandwidth Manager RSVP Server Authority Hijacking
Microsoft Windows 2000/2003/XP - winhlp32 Phrase Integer Overflow
Microsoft Windows 2000/2003/XP - winhlp32 Phrase Heap Overflow
Microsoft Windows Server 2000/2003/XP - winhlp32 Phrase Integer Overflow
Microsoft Windows Server 2000/2003/XP - winhlp32 Phrase Heap Overflow

Microsoft Windows 2000/XP - Internet Protocol Validation Remote Code Execution (2)
Microsoft Windows Server 2000/XP - Internet Protocol Validation Remote Code Execution (2)
Microsoft Windows 2000/2003 - Recursive DNS Spoofing (1)
Microsoft Windows 2000/2003 - Recursive DNS Spoofing (2)
Microsoft Windows Server 2000/2003 - Recursive DNS Spoofing (1)
Microsoft Windows Server 2000/2003 - Recursive DNS Spoofing (2)

Linux - Multi/Dual mode Reverse Shell Shellcode (129 bytes)
Travel Portal Script 9.33 - SQL Injection
Movie Portal Script 7.35 - SQL Injection
Itech Travel Portal Script 9.33 - SQL Injection
Itech Movie Portal Script 7.35 - SQL Injection

Auction Script 6.49 - SQL Injection
Itech Auction Script 6.49 - 'mcid' Parameter SQL Injection

Itech News Portal Script 6.28 - SQL Injection
Itech News Portal Script 6.28 - 'inf' Parameter SQL Injection

Video Sharing Script 4.94 - SQL Injection
Itech Video Sharing Script 4.94 - 'v' Parameter SQL Injection

Itech Classifieds Script 7.27 - 'pid' Parameter SQL Injection
Itech Classifieds Script 7.27 - SQL Injection

Video Sharing Script 4.94 - 'uid' Parameter SQL Injection
Itech Video Sharing Script 4.94 - SQL Injection
WordPress 4.7.0/4.7.1 - Unauthenticated Content Injection (Python)
WordPress 4.7.0/4.7.1 - Unauthenticated Content Injection (Ruby)
Itech Travel Portal Script 9.35 - SQL Injection
Property Listing Script - 'propid' Parameter Blind SQL Injection
Itech Inventory Management Software 3.77 - SQL Injection
Itech Movie Portal Script 7.37 - SQL Injection
Itech News Portal Script 6.28 - 'sc' Parameter SQL Injection
Itech Auction Script 6.49 - 'pid' Parameter SQL Injection
2017-02-03 05:01:17 +00:00
platforms DB: 2017-02-03 2017-02-03 05:01:17 +00:00
files.csv DB: 2017-02-03 2017-02-03 05:01:17 +00:00
README.md Merge pull request #65 from g0tmi1k/searchsploit 2016-12-08 20:36:52 +00:00
searchsploit Fix for #67 - Show result when their’s only 1 for nmap’s XML mode 2016-12-20 14:30:14 +00:00

The Exploit Database Git Repository

This is the official repository of The Exploit Database, a project sponsored by Offensive Security.

The Exploit Database is an archive of public exploits and corresponding vulnerable software, developed for use by penetration testers and vulnerability researchers. Its aim is to serve as the most comprehensive collection of exploits gathered through direct submissions, mailing lists, and other public sources, and present them in a freely-available and easy-to-navigate database. The Exploit Database is a repository for exploits and proof-of-concepts rather than advisories, making it a valuable resource for those who need actionable data right away.

This repository is updated daily with the most recently added submissions. Any additional resources can be found in our binary sploits repository.

Included with this repository is the searchsploit utility, which will allow you to search through the exploits using one or more terms. For more information, please see the SearchSploit manual.

root@kali:~# searchsploit -h
  Usage: searchsploit [options] term1 [term2] ... [termN]

==========
 Examples
==========
  searchsploit afd windows local
  searchsploit -t oracle windows
  searchsploit -p 39446

=========
 Options
=========
   -c, --case     [Term]      Perform a case-sensitive search (Default is inSEnsITiVe).
   -e, --exact    [Term]      Perform an EXACT match on exploit title (Default is AND) [Implies "-t"].
   -h, --help                 Show this help screen.
   -j, --json     [Term]      Show result in JSON format.
   -m, --mirror   [EDB-ID]    Mirror (aka copies) an exploit to the current working directory.
   -o, --overflow [Term]      Exploit titles are allowed to overflow their columns.
   -p, --path     [EDB-ID]    Show the full path to an exploit (and also copies the path to the clipboard if possible).
   -t, --title    [Term]      Search JUST the exploit title (Default is title AND the file's path).
   -u, --update               Check for and install any exploitdb package updates (deb or git).
   -w, --www      [Term]      Show URLs to Exploit-DB.com rather than the local path.
   -x, --examine  [EDB-ID]    Examine (aka opens) the exploit using $PAGER.
       --colour               Disable colour highlighting in search results.
       --id                   Display the EDB-ID value rather than local path.
       --nmap     [file.xml]  Checks all results in Nmap's XML output with service version (e.g.: nmap -sV -oX file.xml).
                              Use "-v" (verbose) to try even more combinations
=======
 Notes
=======
 * You can use any number of search terms.
 * Search terms are not case-sensitive (by default), and ordering is irrelevant.
   * Use '-c' if you wish to reduce results by case-sensitive searching.
   * And/Or '-e' if you wish to filter results by using an exact match.
 * Use '-t' to exclude the file's path to filter the search results.
   * Remove false positives (especially when searching using numbers - i.e. versions).
 * When updating from git or displaying help, search terms will be ignored.

root@kali:~#
root@kali:~# searchsploit afd windows local
--------------------------------------------------------------------------------- ----------------------------------
 Exploit Title                                                                   |  Path
                                                                                 | (/usr/share/exploitdb/platforms)
--------------------------------------------------------------------------------- ----------------------------------
Microsoft Windows XP - 'afd.sys' Local Kernel Denial of Service                  | ./windows/dos/17133.c
Microsoft Windows 2003/XP - 'afd.sys' Privilege Escalation (K-plugin) (MS08-066) | ./windows/local/6757.txt
Microsoft Windows XP/2003 - 'afd.sys' Privilege Escalation (MS11-080)            | ./windows/local/18176.py
Microsoft Windows - 'AfdJoinLeaf' Privilege Escalation (MS11-080) (Metasploit)   | ./windows/local/21844.rb
Microsoft Windows - 'afd.sys' Dangling Pointer Privilege Escalation (MS14-040)   | ./win_x86/local/39446.py
Microsoft Windows 7 (x64) - 'afd.sys' Privilege Escalation (MS14-040)            | ./win_x86-64/local/39525.py
Microsoft Windows (x86) - 'afd.sys' Privilege Escalation (MS11-046)              | ./windows/local/40564.c
--------------------------------------------------------------------------------- ----------------------------------
root@kali:~#
root@kali:~# searchsploit -p 39446
Exploit: Microsoft Windows - 'afd.sys' Dangling Pointer Privilege Escalation (MS14-040)
    URL: https://www.exploit-db.com/exploits/39446/
   Path: /usr/share/exploitdb/platforms/win_x86/local/39446.py

Copied EDB-ID 39446's path to the clipboard.

root@kali:~#

SearchSploit requires either "CoreUtils" or "utilities" (e.g. bash, sed, grep, awk, etc.) for the core features to work. The self updating function will require git, and the Nmap XML option to work, will require xmllint (found in the libxml2-utils package in Debian-based systems).