Skip to content

∞ Growing Web Security Blog

  • Home
  • About
  • Contact

Navigation

  • Home
  • About
  • Contact

Month: March 2018

Gaining Filesystem Access via Blind OOB XXE

Today, I’d like to share my methodology behind how I found a blind, out of band xml external entities attack in a private bug bounty program. I have redacted the necessary information to hide the program’s identity. As with the beginning of any hunter’s quest, thorough recon is necessary to identify as many in-scope assets […]

Read More Gaining Filesystem Access via Blind OOB XXE

Archive

  • May 2019
  • August 2018
  • March 2018
  • December 2017
  • February 2017
Blog at WordPress.com.
Cancel