This module is intended for use in providing a fast way to exploit XXE vulnerabilities discovered during manual testing. It is specifically intended for use with vulnerabilities in which the content obtained via XXE cannot be returned in the body of the request, and must be obtained via Yunusov-Osipov-style out-of-band XXE data exfiltration (generally limited to PHP-based applications).

Users should read the detailed tutorial on the generic On The Outside, Reaching In modules (at http://www.beneaththewaves.net/Software/) before attempting to use this module.

Because this module is designed for out-of-band data exfiltration, users should also read the detailed tutorials regarding Squiz Matrix and Mahara to understand how to use She Wore A Mirrored Mask in conjunction with On The Outside, Reaching In.