Prototype Pollution to RCE in n8n Webhook XML Parser

Repository contains a standalone exploit PoC and a self-contained Docker lab for CVE-2026-42231 / GHSA-q5f4-99jv-pgg5 affecting n8n XML webhook parsing. The main exploit is the Python script `poc_GHSA-q5f4-99jv-pgg5.py`, which sends crafted XML payloads to an n8n webhook endpoint to trigger prototype pollution through xml2js parsing of dangerous names like `__proto__`, `constructor`, and `prototype`. The intended exploitation chain is: XML webhook input -> own enumerable dangerous property on parsed object -> persistence through JSON serialization -> prototype manipulation during later object copying/assignment -> influence of Git/simple-git configuration -> command execution during SSH-based Git operations. Repository structure: `poc_GHSA-q5f4-99jv-pgg5.py` is the primary network exploit; `verify_GHSA-q5f4-99jv-pgg5.js` is a local verifier that reproduces the vulnerable and fixed parser configurations and demonstrates the chain without a live target; `exploit.sh` automates lab setup, owner creation, login, workflow creation, activation, demo, exploit delivery, log viewing, and cleanup; `docker-compose.yml` provisions a vulnerable `n8nio/n8n:1.123.22` instance and an attacker container on a shared Docker network; `Dockerfile` packages the Python PoC; `requirements.txt` lists `requests`; `README.md` documents the vulnerability, prerequisites, payloads, and usage. Capabilities: the exploit can verify vulnerability in demo mode and deliver RCE-intent payloads in exploit mode. It targets public n8n webhook endpoints, especially workflows that later use a Git node with SSH. The helper script also fingerprints and manipulates n8n REST endpoints (`/rest/owner/setup`, `/rest/login`, `/rest/workflows`) to build a reproducible lab. Overall, this is a real exploit repository with both proof/verification and operational payload delivery components, not merely a detector.