Update 20230315 - Exploiting Out-of-Band XXE in the Wild from P4 to P1.md - Commit f46b5405 - STRLCPY/NafisiAslH-KnowledgeSharing

Update 20230315 - Exploiting Out-of-Band XXE in the Wild from P4 to P1.md
Hossein NafisiAsl committed with GitHub 2 years ago

f46b5405

1 parent 5583e2b6

Total 1 files

■ ■ ■ ■ ■ ■

CyberSecurity/Web/BountyStory/XXE/20230315 - Exploiting Out-of-Band XXE in the Wild from P4 to P1.md

		skipped 34 lines
35	35		4. And guess what?I got the result.<br>
36	36		![20230315-4.png](../images/20230315-4.png)<br>
37	37		![20230315-5.png](../images/20230315-5.png)<br>
38		-
	38	+	<br>
39	39
40	40		### Phase 6 --> final XXE (P1) 🏅
41	41		1. I made the OOB XXE exploitation successfully!! But actually, I couldn’t get any file with multiple lines<br>
42	42		2. I tried several techniques such as base64, FTP, ... but i failed in all of them.<br>
43	43		3. Finally I was able to do this with error messages<br>
44	44		![20230315-6.png](../images/20230315-6.png)<br>
45		-
	45	+	<br>
46	46
47	47		## Credit
48	48		Based on [Mahmoud Youssef](https://0xmahmoudjo0.medium.com/exploiting-out-of-band-xxe-in-the-wild-16fc6dad9ee2)'s writeup.
		skipped 6 lines

Please wait...

Page is in error, reload to recover