Web Application Security
Back to list
*Note: Email address will appear as "user domain ext" to prevent harvesting.
PHP wrapper question
Feb 18 2014 08:28PM
Mark Litchfield (mark securatary com)
Reaching out for some help / ideas.
I have an XXE that works but when processing large files it fails
For example, the below attack will work sending to my instance of Netcat
the base64 encoded string of win.ini. A nice POC, but not exactly what
I am looking. (We are using base64 to ensure any...
[ more ]
Copyright 2010, SecurityFocus