sqlmap icon indicating copy to clipboard operation
sqlmap copied to clipboard

Published 20 hours ago verified publisher icon sqlmapproject

Web services WSDL parsing support

Open bdamele opened this issue 13 years ago • 0 comments

It would be great to give sqlmap a WSDL file or WSDL url, it parses it and start assessing each tag method for SQL injections. Example: http://demo.testfire.net/bank/ws.asmx?WSDL.

Support for SOAP parsing/injection has been already implemented, see http://bernardodamele.blogspot.com/2010/06/sqlmap-and-soap-based-web-services.html. Need to extend it to forge different "URLs" for each method of the parsed WSDL.

bdamele avatar Jun 26 '12 15:06 bdamele