XXE Atack
Feedback I created this website to get your feedback on our CTF. Can you check if it's secure ? Link Ps: flag stored in "flag" file Author:Tr'GFx とりあえずソースコードを見る。 <script type="text/javascript"> function func(){ var xml = '' + '' + '<feedback>' + '<author>' + $('…</author></feedback>
Our Christmas Wishlist We have all gathered round to write down our wishes and desires for this Christmas! Please don't write anything mean, Santa will be reading this! Server: http://199.247.6.180:12001 Serverにアクセスすると以下のようなW…