-
Notifications
You must be signed in to change notification settings - Fork 104
Test 11) Weak WS SecurityPolicy: Tokens Not Protected
Yalçın YOLALAN edited this page Mar 28, 2018
·
2 revisions
Vulnerability Type Static
Test Web Service URI http://[yourhostName]/TokensNotProtected.wsdl
Vulnerable Code Block The following WS-SecurityPolicy entry omits the tag:
<sp:AsymmetricBinding xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
<s0:Policy xmlns:s0="http://schemas.xmlsoap.org/ws/2004/09/policy">
<sp:InitiatorToken>
<s0:Policy>
<sp:SamlToken sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
<s0:Policy>
<sp:WssSamlV11Token10 />
</s0:Policy>
</sp:SamlToken>
</s0:Policy>
</sp:InitiatorToken>
<sp:RecipientToken>
<s0:Policy>
<sp:X509Token sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never">
<s0:Policy>
<sp:WssX509V3Token10 />
</s0:Policy>
</sp:X509Token>
</s0:Policy>
</sp:RecipientToken>
<sp:AlgorithmSuite>
<s0:Policy>
<sp:Basic256 />
</s0:Policy>
</sp:AlgorithmSuite>
<sp:Layout>
<s0:Policy>
<sp:Lax />
</s0:Policy>
</sp:Layout>
<sp:IncludeTimestamp />
<!--<sp:ProtectTokens/>-->
<sp:OnlySignEntireHeadersAndBody />
</s0:Policy>
</sp:AsymmetricBinding>
Indications of Vulnerability
Static analysis reveals that the wsdl file does not contain ProtectTokens XML tag.
- Home
- Installation
- Usage
- Default Parameter Values
- Scope
- Donation
-
Testing Activities
- XML Bombs
- External Entity Attacks
- Insecure Communication
- Insufficient Authentication Test
- Cross Site Scripting
- SQL Injection
- XPATH Injection
- Verbose SOAP Fault Message
- Weak WS-SecurityPolicy: Insecure Transport
- Weak WS-SecurityPolicy: Insufficient Supporting Token Protection
- Weak WS-SecurityPolicy: Tokens Not Protected
- Weak XML Schema: Undefined Namespace
- Weak XML Schema: Unbounded Occurrences