Web Application Security
*Note: Email address will appear as "user domain ext" to prevent harvesting.
PHP wrapper question Feb 18 2014 08:28PM
Mark Litchfield (mark securatary com)
Reaching out for some help / ideas.

I have an XXE that works but when processing large files it fails

For example, the below attack will work sending to my instance of Netcat
the base64 encoded string of win.ini. A nice POC, but not exactly what
I am looking. (We are using base64 to ensure any...

[ more ]  

Privacy Statement
Copyright 2010, SecurityFocus