advanced xxe exploitation exercise 1 : simple xxe (app

Report

Post on 09-May-2022

14 Views

Category:

Documents

0 Downloads

Preview:

Click to see full reader

TRANSCRIPT

Advanced XXE ExploitationExercise 1 : Simple XXE (App port 8021)

Philippe ArteauGoSecure Countertack

19/06/2019Slides: http://bit.ly/xxeparis

http://bit.ly/xxeparis

Running an HTTP server

$ python –m http.server 8888

(pick a port that is unused)

Normal XML file

Malicious XML file

Directory listing

QuestionS ?

Contactparteau@gosecure.cagosecure.net/blog/@h3xStream @GoSecure_Inc

top related

xml external entities [xxe]

Internet

les positivismes juridiques au xxe siècle

Documents

surexploitation€¦ · 68 ocean-climate.org au cours du...

Documents

overexploitation tokyo tuna market. types of...

Documents

arts du xxe siÈcle

Documents

fonds bougainville (xve-xxe siècles)

Documents

poésie du xixe au xxe siècle

Documents

xxe advanced exploitation

Technology

grenoble architectures du xxe siècle

Documents

exploitation @nirav4peace xxe @owasp puneboring theories :-p...

Documents

xxe xml external entity

Internet

de la poésie du xxe siècle

Documents

xxe siècles

Documents

onsec phdays 2012 xxe incapsulated report

Technology

maurice boulanger, illustrateur, france, début xxe

Documents

ssrfvs.$business-cri0cal$ applicaons:...

Documents

xxe: advanced exploitation - defcon-ua

Documents

la mystification du xxe siècle

Documents

histoire du xxe siècle

Documents

martinique label « patrimoine du xxe siecle

Documents