Engine_4Suite

Last modified by Nicolas Gregoire on 2012/01/23 12:24

Introduction

4Suite is a Python based XSLT engine by Fourthought Inc.

Supported version

1.0

Command line

$> 4xslt foo.xml foo.xsl

Identification strings

xsl:vendor-urlhttp://4Suite.org
xsl:vendorFourthought Inc.
xsl:version1

Special features

  • File access (read and write)
  • Leak $CWD and paths to binaries 

Reading files

NamespaceExtension functionParametersPoC
http://xmlns.4suite.org/extdoc-as-string()file, encoding4suite-doc-as-string.xsl

This is documented here.

Writing files

NamespaceExtension elementParametersPoC
http://exslt.org/commondocumenthref4suite-exsl-document.xsl

This is documented here.

Information leak

NamespaceExtension functionPoC
http://xmlns.4suite.org/extbin-path()4suite-bin-path.xsl
http://xmlns.4suite.org/extospath2uri()4suite-ospath2uri.xsl
http://xmlns.4suite.org/exturi2ospath()4suite-uri2ospath.xsl
     

Welcome

Welcome on the XSLT Hacking Encyclopedia !

You may be interested by the Engines and Applications pages.

Link to the blog
Twitter: @Agarri_FR

Tag Cloud

Failed to execute the [velocity] macro. Cause: [The execution of the [velocity] script macro is not allowed in [xhe:XWiki.TagCloud]. Check the rights of its last author or the parameters if it's rendered from another script.]. Click on this message for details.

Content by Nicolas Grégoire / Agarri
Blog - Follow me @Agarri_FR