Exploiting WSDLs with Wsdler
Web Services Description Language (WSDL) is an XML-based language used to describe the functionality offered by a web service. Often while executing a pentest project, we may find a WSDL file out in the open, unauthenticated. In this recipe, we will look at how we can benefit from WSDL.
How to do it...
We intercept the request of WSDL in Burp:
- Right-click on the request and select
Parse WSDL
:
- Switch to the
Wsdler
tab, and we will see all the service calls. We can see the complete request by clicking on any one of them:
- To be able to play around with it, we will need to send it to the
Repeater
:
- We right-click and select
Send to Repeater
:
- In our case, we can see that putting a single quote throws up an error. And voila! We have an SQL injection possibility!
The following screenshot shows the SQL injection:
You will learn more about exploiting SQL in the later chapters of the book.