Upload File

php filter encoding2019/06/19  · atom in a few seconds edit view language logout / .svn/wc ....

  • Home
  • Documents
  • PHP filter encoding2019/06/19  · atom in a few seconds Edit View Language Logout / .svn/wc . Control Panel XML File 2 4 6 16 feed [ xxe SYSTEM < feed> " php: / / filter/ convert
9
Advanced XXE Exploitation Exercise 3: PHP filter encoding (App port 8023) Philippe Arteau GoSecure Countertack 19/06/2019 Slides: http://bit.ly/xxeparis

Upload: others

Post on 26-Oct-2020

1 views

Category:

Documents


0 download

Report

TRANSCRIPT

Page 1: PHP filter encoding2019/06/19  · atom in a few seconds Edit View Language Logout / .svn/wc . Control Panel XML File 2 4 6 16 feed [ xxe SYSTEM < feed> " php: / / filter/ convert

Advanced XXE ExploitationExercise 3: PHP filter encoding (App port 8023)

Philippe ArteauGoSecure Countertack

19/06/2019Slides: http://bit.ly/xxeparis

http://bit.ly/xxeparis
Page 2: PHP filter encoding2019/06/19  · atom in a few seconds Edit View Language Logout / .svn/wc . Control Panel XML File 2 4 6 16 feed [ xxe SYSTEM < feed> " php: / / filter/ convert
Page 3: PHP filter encoding2019/06/19  · atom in a few seconds Edit View Language Logout / .svn/wc . Control Panel XML File 2 4 6 16 feed [ xxe SYSTEM < feed> " php: / / filter/ convert

Allow the extraction of binary file

SVN metadata(older version : .svn/entries)

Page 4: PHP filter encoding2019/06/19  · atom in a few seconds Edit View Language Logout / .svn/wc . Control Panel XML File 2 4 6 16 feed [ xxe SYSTEM < feed> " php: / / filter/ convert

1. Ctrl-Shift-B

2. Grep or Open in SQLite Other file versionned

Page 5: PHP filter encoding2019/06/19  · atom in a few seconds Edit View Language Logout / .svn/wc . Control Panel XML File 2 4 6 16 feed [ xxe SYSTEM < feed> " php: / / filter/ convert

Use the same method use to read SVN metadata to read this PHP file

Page 6: PHP filter encoding2019/06/19  · atom in a few seconds Edit View Language Logout / .svn/wc . Control Panel XML File 2 4 6 16 feed [ xxe SYSTEM < feed> " php: / / filter/ convert
Page 7: PHP filter encoding2019/06/19  · atom in a few seconds Edit View Language Logout / .svn/wc . Control Panel XML File 2 4 6 16 feed [ xxe SYSTEM < feed> " php: / / filter/ convert
Page 8: PHP filter encoding2019/06/19  · atom in a few seconds Edit View Language Logout / .svn/wc . Control Panel XML File 2 4 6 16 feed [ xxe SYSTEM < feed> " php: / / filter/ convert

Can you find how to get RCE using the PHP script?

Page 9: PHP filter encoding2019/06/19  · atom in a few seconds Edit View Language Logout / .svn/wc . Control Panel XML File 2 4 6 16 feed [ xxe SYSTEM < feed> " php: / / filter/ convert

QuestionS ?

[email protected]/blog/@h3xStream @GoSecure_Inc


PHP and MySQL php-mysql PHP and MySQL

PHP Certified training Coimbatore|PHP institutes Coimbatore|PHP certification

AVX EMI Filters · 2004-10-08 · 5 FEED-C THRU FILTER L FILTER π FILTER T FILTER Filter Types A feedthru is a low inductance device, acting as a bypass feedthru capacitor to ground

Filter Custom Layouts Without PHP

MANN+HUMMEL PreLine Pre-filter for diesel fuel...(injector) Tank Fuel feed pump PreLine pre-filter Main filter High pressure injection pump Injection nozzle (injector) If technical

CASE STUDY - TORAY€¦ · Table 1 — Quick Facts Feed source Open intake seawater from the Mediterranean Sea Pretreatment 2-stage sand filter followed by 5-micron cartridge filter

Scaling php - Intercon php

Hybrid RF-Digital Feed-Forward Filter for High-Order

EMC filters 4-line filters for installations and …the feed (filter: line) and output (filter: load) not via the PE terminal bolt in the filter housing. Mounting instructions, point

Reverse Osmosis System · Filter Housing RO Membrane Inline Post Carbon Filter 1. Feed Water Adapter Valve 2. Leak Stop Valve 3. Sediment Filter 4. GAC Filter 5. Carbon Block Filter

PHP Programming: PHP Crush Course! Learn PHP Programming

Exploiting Php With Php

PHP PHP: Hypertext Preprocessing

Industrial Cleaning Equipment€¦ · position, cutting off airflow to the ... dash light. Vacuum Discharge. SERVICE CABINET SOLUTION FILTER: Standard Solution Feed Filter for scrubdeck

PHP2010/11 : [‹#›] PHP Security. PHP2010/11 : [‹#›] Two Golden Rules 1.FILTER external input Obvious.. $_POST, $_COOKIE, etc. Less obvious.. $_SERVER

PHP 7,377++ PHP 6,968 ++ PHP 6,558++ - The Lind Boracay

SecurityPHPApril 2010 : [‹#›] PHP Security. SecurityPHPApril 2010 : [‹#›] Two Golden Rules 1.FILTER external input Obvious.. $_POST, $_COOKIE, etc. Less

PHP Development - Introductionmhughes/Lectures/PHPDevelopment1.pdfPHP Development - Introduction . Php Hypertext Processor • PHP stands for PHP: Hypertext Preprocessor • PHP is

Filtering Tainted Data: ext/filter vs. Zend Filter · ext/filter vs. Zend_Filter Ben Ramsey International PHP Conference 8 November 2006. Welcome • BenRamsey.com • I work for

dynaJET - UGSI Chemical Feed · 2018. 6. 21. · it be a centrifuge, belt filter press, clarifier, filter, paper machine, or whatever your process requires, your investment is substantial

COMP519: Web Programming Autumn 2010 PHP Basics: Introduction to PHP a PHP file, PHP workings, running PHP. Basic PHP syntax variables, operators,

PHP Tutorial - Learn PHP

PHP Without PHP—Confoo

SPECTRUM FILTER - pdfs.semanticscholar.org · al air-scourable multi-media filter. Feed water is dosed with coagulant (polymer for high turbidity feed waters) and flows down through

1 Open Source Programming. -Introduction to PHP -PHP installation /wamp server installation for PHP environment -PHP syntax -PHP variables -PHP Strings

Filter Press - CDE GlobalRapid Deployment Our detailed analysis of your feed material ensures your filter press is built with consideration for the unique requirements · 2017-1-24

Farmed Fish & shellFish sourcing transparency 2017€¦ · Feed is not required because scallops are filter feeders, which means they filter particles of food from the water column

Walnut Shell Filter Reuse Potential - Saudi Arabian Water ... · Walnut Shell Filter Reuse Potential Mike Howdeshell ... • Filtration ... Water sent to carbon to create RO feed

CCS 4370/6370: Web Programming Spring 2013 PHP Basics: Introduction to PHP a PHP file, PHP workings, running PHP. Basic PHP syntax variables, operators,

Filter Pasif Sebagai Kompensasi Harmonik dari ...citee.ft.ugm.ac.id/2015/proceeding/download51.php?f...Filter Pasif Sebagai Kompensasi Harmonik dari Cycloconverter pada Pabrik Hot

EMC filters - 3-line filters for converters and power electronics ......the feed (filter: line) and output (filter: load) not via the PE terminal bolt in the filter housing. Mounting

RPF Rotary Pressure Filter - Environmental XPRT · Suspension feed & filtration The suspension is fed continuously and under pressure to the filter from below. In the filter cells,

Energy Regulatory Commission · Prtce Amount PhP Amount Amount Amount PhP PhP PhP PhP COMMON OFFICE SUPPLIES PhP PhP Ball IntPen fioe int black 5.00 500 2500.00. 1300 ... Portable

Membrane Filtration Handbook - Big Brand Water Filter, Inc.€¦ · Pressure, Either the pressure from the feed pump (standard meaning), or the pressure feed at the inlet to a membrane

PHP Basics (See PHP on line manual at: PHP - Overview Scripting vs Programming Code Examples – PHP; Perl; JSP PHP Strengths