Created
August 20, 2014 00:45
-
-
Save lukaskuzmiak/c8306a5af855c6faaaee to your computer and use it in GitHub Desktop.
PHP XXE tester
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| // Extended tester from ezimuel (https://gist.github.com/ezimuel/9135151) | |
| // The libxml entity loader is disabled by default | |
| // even setting the libxml_disable_entity_loader to false doesn't works! | |
| // | |
| // @see http://uk3.php.net/manual/en/function.libxml-disable-entity-loader.php | |
| // @see http://stackoverflow.com/a/10213239 | |
| // @see https://stackoverflow.com/questions/24117700 | |
| $dir = __DIR__; | |
| $content = 'WARNING, external entity loaded!'; | |
| file_put_contents('content.txt', $content); | |
| $xml = <<<EOD | |
| <?xml version="1.0"?> | |
| <!DOCTYPE root | |
| [ | |
| <!ENTITY foo SYSTEM "file://$dir/content.txt"> | |
| ]> | |
| <test><testing>&foo;</testing></test> | |
| EOD; | |
| file_put_contents('content.xml', $xml); | |
| printf ("PHP verion %s\n", PHP_VERSION); | |
| printf ("Libxml library ver. %s\n", LIBXML_DOTTED_VERSION); | |
| printf("\nTesting simplexml_load_string\n"); | |
| // simplexml_load_string() testing | |
| $doc = simplexml_load_string($xml); | |
| printf("Default behaviour: %s\n", $doc->testing); | |
| $oldValue = libxml_disable_entity_loader(false); // enable entity load? | |
| $doc = simplexml_load_string($xml); | |
| printf("libxml_disable_entity to false: %s\n", $doc->testing); | |
| libxml_disable_entity_loader($oldValue); | |
| $oldValue = libxml_disable_entity_loader(true); // enable entity load? | |
| $doc = simplexml_load_string($xml); | |
| printf("libxml_disable_entity to true: %s\n", $doc->testing); | |
| libxml_disable_entity_loader($oldValue); | |
| $doc = simplexml_load_string($xml, null, LIBXML_NOENT); | |
| printf("LIBXML_NOENT: %s\n", $doc->testing); | |
| // simplexml_load_file() testing | |
| printf("\nTesting simplexml_load_file\n"); | |
| $doc = simplexml_load_file('content.xml'); | |
| printf("Default behaviour: %s\n", $doc->testing); | |
| $oldValue = libxml_disable_entity_loader(false); // enable entity load? | |
| $doc = simplexml_load_file('content.xml'); | |
| printf("libxml_disable_entity to false: %s\n", $doc->testing); | |
| libxml_disable_entity_loader($oldValue); | |
| $oldValue = libxml_disable_entity_loader(true); | |
| $doc = simplexml_load_file('content.xml'); | |
| printf("libxml_disable_entity to true: %s\n", $doc->testing); | |
| libxml_disable_entity_loader($oldValue); | |
| $doc = simplexml_load_file('content.xml', null, LIBXML_NOENT); | |
| printf("LIBXML_NOENT: %s\n", $doc->testing); | |
| // test DOMDocument | |
| printf("\nTesting DOM (loadXml)\n"); | |
| $dom = new DOMDocument('1.0'); | |
| $dom->loadXml($xml); | |
| $testing = $dom->getElementsByTagName('testing')->item(0); | |
| printf("Default behaviour: %s\n", $testing->nodeValue); | |
| $oldValue = libxml_disable_entity_loader(false); // enable entity load? | |
| $dom = new DOMDocument('1.0'); | |
| $dom->loadXml($xml); | |
| $testing = $dom->getElementsByTagName('testing')->item(0); | |
| printf("libxml_disable_entity to false: %s\n", $testing->nodeValue); | |
| libxml_disable_entity_loader($oldValue); | |
| $oldValue = libxml_disable_entity_loader(true); | |
| $dom = new DOMDocument('1.0'); | |
| $dom->loadXml($xml); | |
| $testing = $dom->getElementsByTagName('testing')->item(0); | |
| printf("libxml_disable_entity to true: %s\n", $testing->nodeValue); | |
| libxml_disable_entity_loader($oldValue); | |
| $dom->loadXml($xml, LIBXML_NOENT); | |
| $testing = $dom->getElementsByTagName('testing')->item(0); | |
| printf("LIBXML_NOENT: %s\n", $testing->nodeValue); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment