{"id":13542283,"url":"https://github.com/staaldraad/xxeserv","last_synced_at":"2025-04-06T02:11:40.121Z","repository":{"id":45513068,"uuid":"76186539","full_name":"staaldraad/xxeserv","owner":"staaldraad","description":"A mini webserver with FTP support for XXE payloads","archived":false,"fork":false,"pushed_at":"2024-01-03T13:07:30.000Z","size":6787,"stargazers_count":329,"open_issues_count":0,"forks_count":56,"subscribers_count":5,"default_branch":"main","last_synced_at":"2025-03-30T01:11:11.666Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/staaldraad.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2016-12-11T16:39:42.000Z","updated_at":"2025-03-26T13:41:26.000Z","dependencies_parsed_at":"2024-06-20T11:53:38.600Z","dependency_job_id":"bddc9e36-8a84-435e-a8f5-8a02f0802c5b","html_url":"https://github.com/staaldraad/xxeserv","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/staaldraad%2Fxxeserv","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/staaldraad%2Fxxeserv/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/staaldraad%2Fxxeserv/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/staaldraad%2Fxxeserv/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/staaldraad","download_url":"https://codeload.github.com/staaldraad/xxeserv/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247423515,"owners_count":20936626,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-01T10:01:04.009Z","updated_at":"2025-04-06T02:11:40.090Z","avatar_url":"https://github.com/staaldraad.png","language":"Go","funding_links":[],"categories":["Exploitation","Weapons"],"sub_categories":["XXE Injection","Tools"],"readme":"XXE-FTP\n----\n\nBasic FTP server to receive payloads from instances of XXE. This will record all data received and respond in a manner which ensures the client keeps sending data. This will keep listening until you shut it down, allowing for multiple XXE file retreivals via FTP. Java connections shouldn't hang connecting to this either.\n\nHas a unique \"uno port\" option, where everything is served from one port. This means you can serve HTTP/HTTPS/FTP over a single port. When a connection is received, the server will work out which protocol was requested, and handle it accordingly. This is not flawless, but works in most cases.\n\nFor more info, see the blog-post: [https://staaldraad.github.io/2016/12/11/xxeftp/](https://staaldraad.github.io/2016/12/11/xxeftp/)\n\n## Usage\n\nBuilt for Linux, so use\n\n```\n./xxeserv -p 2121\n```\n\nThere are multiple modes. The server can host both FTP and HTTP, thus making it capable of serving the DTD and receiving the FTP payload.\n\nTo start the web-server (off by default) use `-w`\n\n```\n./xxeserv -w\n```\n\nTo change the web-port, use `-wp`.\n\nTo Change the FTP port, use `-p`.\n\nThe DTD is served out of the CWD by default. To change, use `-wd`.\n\nTo save the data received via FTP to file, use `-o filename`. The file will be created if it doesn't exist.\n\n```\n./xxeserv --help \nUsage of ./xxeserv:\n  -o string\n        File location to log to\n  -p int\n        Port to listen on (default 2121)\n  -uno int\n        Global port to listen on (default 5000)\n  -w    Setup web-server for DTDs\n  -wd string\n        Folder to server DTD(s) from (default \"./\")\n  -wp int\n        Port to serve DTD on (default 2122)\n  -wps int\n        SSL Port to serve DTD on (default 2123)\n```\n\n## To build:\n\n```\ngo build\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fstaaldraad%2Fxxeserv","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fstaaldraad%2Fxxeserv","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fstaaldraad%2Fxxeserv/lists"}