Skip to content
/ play-framework-xxe Public

POC for exploitation of a XML entities in the Play framework

4 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

its-arun/play-framework-xxe

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
README.md
README.md
 
 
poc.py
poc.py
 
 

Repository files navigation

play-framework-xxe

POC for exploitation of a XML entities in the Play framework useful for CTFs where you might not have access to VPS. This POC assumes that the host provided by user is vulnerable to said play framework xxe. Read More

Usage

git clone https://github.com/its-arun/play-framework-xxe.git
cd play-framework-xxe
python3 poc.py http://example.com/login

Spin yourself a vulnerable instance

Pentesterlab was kind enough to publish exercise for this vulnerability at VulnHub

About

POC for exploitation of a XML entities in the Play framework

Resources

Readme
Activity

Stars

4 stars

Watchers

1 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages