XSL PHP
This exercise covers the exploitation of a PHP application using XSL
Course
In this challenge, we are going to explore Extensible Stylesheet Language (XSL) and its potential to trigger unexpected behaviors in PHP applications that utilize them. XSL is a language used to transform XML documents into other formats such as HTML, XML, or even PDF. By leveraging the syntax `
The PHP XSL processor also allows the execution of native PHP functions if the developer calls `registerPHPFunctions()` on the `XSLTProcessor()` object, though this feature is disabled by default. In this challenge, you'll focus on using XSL to retrieve local files from the filesystem, such as by using the syntax `document('/etc/passwd')` to get the content of `/etc/passwd`. The task is to create an XSL file that reads the key from `/app/key.txt` and upload it to complete the challenge.