Script that automates the scanning of a target network for HTTP resources through XXE.
After receiving the DTD, the XML parser will attempt to substitute the trigger parameter entity with its value. The trigger parameter entity includes both test_target and callback. Now here we rely on the fact that XML parsers will normally process the parameter entities one by one. In case the substitution of an entity fails, they will not proceed with the substitution of the subsequent entities. So now, if we receive a callback to our server, it means that the substitution of the callback parameter entity was initiated which with its turn means that the resource pointed by the test_target exists.
The procedure is repeated for all the provided hosts/ports.