Suppose we have discovered a XXE-vulnerability and trying to do blind OOB local files content extraction. There are some different ways to do this. I recently had to use FTP-extraction (AFAIK, this was due to vulnerable service Java version – it didn’t allowed the HTTP-extraction of some files, e.g. /etc/passwd). I have used the following…