advanced xxe exploitation exercise 1 : simple xxe (app
TRANSCRIPT
Advanced XXE ExploitationExercise 1 : Simple XXE (App port 8021)
Philippe ArteauGoSecure Countertack
19/06/2019Slides: http://bit.ly/xxeparis
Running an HTTP server
$ python –m http.server 8888
(pick a port that is unused)
Normal XML file
Malicious XML file
Directory listing
QuestionS ?
[email protected]/blog/@h3xStream @GoSecure_Inc