nyx/tests/dynamic_fixtures/xxe/ruby/vuln.rb at fd39304eed8a1deca329114d293ac72873689cfb - apunkt/nyx - bitfreedom.net: free all bits, everywhere

apunkt/nyx

mirror of https://github.com/elicpeter/nyx.git synced 2026-06-12 19:55:14 +02:00

pitboss 4de925c3ef [pitboss] phase 05: Track J.3 + Track L.3 — XXE corpus + DocumentBuilder / lxml / libxml / SimpleXML adapters

2026-05-17 20:39:12 -05:00

11 lines

356 B

Ruby

Raw Blame History

 # Phase 05 (Track J.3) — Ruby XXE vuln fixture.
 #
 # The function feeds attacker XML straight to `REXML::Document.new`
 # without disabling entity expansion, so any `<!ENTITY xxe SYSTEM
 # "file:///…">` in the payload is resolved and its body substituted
 # into the parsed document.
 require 'rexml/document'
 def run(body)
   REXML::Document.new(body)
 end