Two years ago, something very strange happened to me while working from my home network. I was exploiting a blind XXE vulnerability that required an external HTTP server to smuggle out files, so I spun up an AWS box and ran a simple Python webserver to receive the traffic from the vulnerable server.
This is actually nuts. I watched a video breakdown of this blog post and my jaw was on the floor. Super interesting stuff.
Absolutely, it’s a great read. Could you link the video you watched?
Here you go! https://youtu.be/TFolQUeWoog?si=6Ts5_aw9kyB-A-Ja
Thank you so much, I’ll check it out!