Article’s PDF file: https://soroush.me/downloadable/getting_shell_with_xamlx_files.pdf
I have recently published a blog post on use of .XAMLX files to execute command on an IIS based application.
This blog has been has been published by NCC and is accessible here: https://research.nccgroup.com/2019/08/23/getting-shell-with-xamlx-files/
Here is its little Twitter story:
This technique can come in handy when dealing with a file uploader that uses a blacklist approach to stop malicious extensions.