ssrf-xxe-methodology

Fail

Audited by Socket on Mar 30, 2026

3 alerts found:

Security x2, Malware

Security: MEDIUM
SKILL.md

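This skill is consistent with its "exploit" positioning, but its actual capability is to provide AI agents with an offensive SSRF/XXE exploitation playbook, including local file reads, internal network probing, cloud metadata access, and blind out-of-band callbacks. There is no obvious supply-chain installation risk, but the offensive security capability, the data exfiltration paths, and autonomous operations that could affect real targets make it overall high-risk and suspicious, and it should not be treated as an ordinary benign skill.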

Confidence: 95%, Severity: 94%

Security: MEDIUM
evals/evals.json

The fragment is not executable malware; it is static, highly actionable adversarial guidance for SSRF/XXE exploitation and filter-bypass payload construction. While it has no direct runtime sinks, its dual-use nature meaningfully increases security risk if packaged or consumed by automated tooling that could operationalize these instructions.

Confidence: 74%, Severity: 78%

Malware: HIGH
references/xxe-exploitation.md

This document is a clear, actionable XXE attack guide. It instructs how to read local files, obtain source code via php://filter, and perform blind exfiltration using external DTDs. It targets common parsers and document formats (SOAP, SVG, DOCX) and includes bypass techniques for filters. Treat this as malicious/instructional content and consider it high-risk: any XML parser that allows external entity processing and external DTD retrieval is vulnerable. Remediation: disable external entity expansion and external DTD loading, use safe XML parsing libraries or settings (e.g., disable DOCTYPE, disable network access for DTDs), validate/transform untrusted uploads, and apply least privilege to file access on servers.

Confidence: 90%, Severity: 95%

Audit Metadata
Analyzed At: Mar 30, 2026, 02:21 AM
Package URL: pkg:socket/skills-sh/wgpsec%2Faboutsecurity%2Fssrf-xxe-methodology%2F@013ab46c491a0e6b6f7102d764e15e17a7de86b7