Web Services Attacks

Enumeration & Profiling

 <Service> - Webservice name

 <Operation> - Web Method

 <Element> - Data Types

 <Endpoint> - Webservice address

Parameter Tampering

 Meta characters injection

  ", ', &, %, $

 Data Type Mismatch

  Values belonging to different data types

  Values belonging to arrays or structures

 Large Buffer

  High Character Length

 Abnormal Values

  Highest Value

  Lowest Value

  Away from the boundary

XML Poisoning

OS Commands

 Junk Data

 "value" ! ls -r

SOAP Message Tampering

 Bruteforcing using *

 Bruteforcing using username/password files

 Parameter Guessing

HTTP Method Tampering

 Convert GET to POST

 Convert POST to GET

SQL Injectiong

 ', ", -, *, (

 1' or 1=1

Directory Traversal

 Fault code message contains directory/file information

 ../../../../autoexec.bat