Creating a mutational fuzzer to programmatically parse SOAP definitions and fuzz SOAP endpoints for possible SQLi errors.


m3rcer

This program uses the XML classes from the core libraries to programmatically parse a WSDL document into its component definitions, enumerates the endpoints and operations it describes, and fuzzes them over HTTP/SOAP to find SQL injection vulnerabilities.

View/Download the Visual Studio Project

WSDL Document layout:

[Image: WSDL document layout]

The program is divided into component classes for easier code management.

Program Components:


The WSDL class - Encompasses the WSDL document.

Parsing subclasses - Parse the WSDL definitions:

SoapType subclass

SoapMessage subclass

SoapPortType subclass

SoapBinding subclass

The MAIN class - Builds requests from the parsed WSDL and fuzzes the data in each operation.
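The pipeline described above (types, message, portType and binding parsed out of the WSDL, then each operation's parameters mutated and the responses checked for SQL error strings), as an added Python example. It is not the page's Visual Studio project or its code; the WSDL, the service, the `fake_endpoint` stand-in and the list of error signatures are all constructed here for illustration, and the `http_send` function shows how the same loop would talk to a real endpoint.

```python
import re, urllib.error, urllib.request
import xml.etree.ElementTree as ET
from xml.sax.saxutils import escape

WSDL = "{http://schemas.xmlsoap.org/wsdl/}"
XSD = "{http://www.w3.org/2001/XMLSchema}"
SOAP = "{http://schemas.xmlsoap.org/wsdl/soap/}"
ENV = "http://schemas.xmlsoap.org/soap/envelope/"
# Constructed WSDL for a hypothetical user service (types, message, portType, binding, service).
SAMPLE_WSDL = """<definitions xmlns="http://schemas.xmlsoap.org/wsdl/" xmlns:tns="http://example.test/users"
 xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" targetNamespace="http://example.test/users">
 <types><xsd:schema targetNamespace="http://example.test/users">
  <xsd:element name="GetUser"><xsd:complexType><xsd:sequence><xsd:element name="username" type="xsd:string"/></xsd:sequence></xsd:complexType></xsd:element>
  <xsd:element name="DeleteUser"><xsd:complexType><xsd:sequence><xsd:element name="username" type="xsd:string"/></xsd:sequence></xsd:complexType></xsd:element>
  <xsd:element name="ListUsers"><xsd:complexType><xsd:sequence/></xsd:complexType></xsd:element>
 </xsd:schema></types>
 <message name="GetUserIn"><part name="parameters" element="tns:GetUser"/></message>
 <message name="DeleteUserIn"><part name="parameters" element="tns:DeleteUser"/></message>
 <message name="ListUsersIn"><part name="parameters" element="tns:ListUsers"/></message>
 <portType name="UserPort">
  <operation name="GetUser"><input message="tns:GetUserIn"/></operation>
  <operation name="DeleteUser"><input message="tns:DeleteUserIn"/></operation>
  <operation name="ListUsers"><input message="tns:ListUsersIn"/></operation>
 </portType>
 <binding name="UserBinding" type="tns:UserPort">
  <operation name="GetUser"><soap:operation soapAction="urn:GetUser"/></operation>
  <operation name="DeleteUser"><soap:operation soapAction="urn:DeleteUser"/></operation>
  <operation name="ListUsers"><soap:operation soapAction="urn:ListUsers"/></operation>
 </binding>
 <service name="UserService"><port name="UserPort" binding="tns:UserBinding">
  <soap:address location="http://example.test/UserService.asmx"/></port></service>
</definitions>"""

def parse_wsdl(text):
    """Walk types -> message -> portType -> binding -> service and return each operation's parameters."""
    root = ET.fromstring(text)
    elements = {}  # schema element name -> names of its child elements (the operation's parameters)
    for el in root.iter(XSD + "element"):
        if el.get("name") and el.find(XSD + "complexType") is not None:
            elements[el.get("name")] = [c.get("name") for c in el.iter(XSD + "element") if c is not el]
    messages = {m.get("name"): m.find(WSDL + "part").get("element").split(":")[-1]
                for m in root.findall(WSDL + "message")}
    inputs = {op.get("name"): op.find(WSDL + "input").get("message").split(":")[-1]
              for op in root.find(WSDL + "portType").findall(WSDL + "operation")}
    actions = {op.get("name"): op.find(SOAP + "operation").get("soapAction", "")
               for op in root.find(WSDL + "binding").findall(WSDL + "operation")}
    endpoint = root.find(f"{WSDL}service/{WSDL}port/{SOAP}address").get("location")
    ops = {name: {"action": actions.get(name, ""), "params": elements.get(messages[msg], [])}
           for name, msg in inputs.items()}
    return {"tns": root.get("targetNamespace"), "endpoint": endpoint, "operations": ops}

def build_envelope(tns, op, values):
    """Wrap the operation element and its parameters in a SOAP 1.1 envelope."""
    body = "".join(f"<{k}>{escape(v)}</{k}>" for k, v in values.items())
    return (f'<soap:Envelope xmlns:soap="{ENV}"><soap:Body>'
            f'<{op} xmlns="{tns}">{body}</{op}></soap:Body></soap:Envelope>')

# Mutations appended to a benign base value, and sample error strings that betray an unparameterised query.
SQLI_PAYLOADS = ["'", '"', "')", "' OR 'a'='a", "1'--"]
SQL_ERROR_RE = re.compile(
    r"you have an error in your sql syntax|unclosed quotation mark|ora-\d{5}|"
    r"syntax error at or near|sqlite3?\.|unterminated quoted string|sqlexception", re.IGNORECASE)

def fuzz(wsdl_text, send, base="alice"):
    """Mutate one parameter at a time; report payloads whose response matches a SQL error signature."""
    spec = parse_wsdl(wsdl_text)
    findings = {}
    for op, info in spec["operations"].items():
        findings[op] = {}
        for param in info["params"]:
            hits = []
            for payload in SQLI_PAYLOADS:
                values = {p: base for p in info["params"]}
                values[param] = base + payload
                resp = send(spec["endpoint"], info["action"], build_envelope(spec["tns"], op, values))
                if SQL_ERROR_RE.search(resp):
                    hits.append(payload)
            if hits:
                findings[op][param] = hits
    return findings

def http_send(url, action, envelope):
    """Real transport: POST the envelope; a SOAP Fault arrives as HTTP 500, so keep that body too."""
    req = urllib.request.Request(url, data=envelope.encode(),
                                 headers={"Content-Type": "text/xml; charset=utf-8", "SOAPAction": f'"{action}"'})
    try:
        with urllib.request.urlopen(req, timeout=10) as resp:
            return resp.read().decode(errors="replace")
    except urllib.error.HTTPError as err:
        return err.read().decode(errors="replace")

def fake_endpoint(url, action, envelope):
    """Constructed offline stand-in for a service that concatenates username into its SQL."""
    op_el = ET.fromstring(envelope).find(f"{{{ENV}}}Body")[0]
    op = op_el.tag.split("}")[-1]
    params = {c.tag.split("}")[-1]: c.text or "" for c in op_el}
    if any(q in params.get("username", "") for q in "'\""):
        return "<Fault><faultstring>System.Data.SqlClient.SqlException: Unclosed quotation mark after the character string</faultstring></Fault>"
    return f"<{op}Response><user>{escape(params.get('username', ''))}</user></{op}Response>"

if __name__ == "__main__":
    print(fuzz(SAMPLE_WSDL, fake_endpoint))
```

Swap `fake_endpoint` for `http_send` to run the loop against a live service. Note that a SOAP Fault is normally returned with HTTP status 500, so a sender that drops error responses will hide exactly the evidence this fuzzer relies on; `http_send` keeps the fault body for that reason.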

OUTPUT:

[Image: program output]

Inference:

Both the GetUser and DeleteUser operations are potentially vulnerable to SQL injection in the username parameter. The ListUsers operation reports no potential SQL injection, which is expected because it takes no parameters and so offers nothing to mutate. Because the fuzzer judges a hit by the SQL error text that comes back, these are candidates rather than confirmed findings: a hit should be verified by hand, and an operation that swallows database errors can still be injectable (blind SQLi) without ever being flagged.