Scanning Web Services
Web Services, like any other internet-facing system, expose an attack surface and need the same security auditing as conventional web applications. The Web Services Scanner performs automated vulnerability scans against the operations published in a WSDL and generates a detailed security report of the results.
Screenshot 66 – Web Services Scanner
Starting a Web Service Scan
- From the ‘Tools Explorer’ select Web Services Scanner and click the New Scan button in the toolbar to launch the Web Service Scan Wizard. Specify the URL of an online or local WSDL and choose a scanning profile. Click Next to proceed.
- In the ‘Selection’ step, select the Web Services, Ports and Operations to be scanned. The Details section shows the number of inputs each operation accepts and the URL of each port.
- In the ‘Default Values’ step, optionally enter specific input values for the scanner to use when calling the Web Service Operations.
- Proceed to the scan summary, review it and click Finish to launch the scan.
Web Services Editor
Screenshot 67 – Web Services Editor
The Web Services Editor imports an online or local WSDL so that individual web service operations can be edited and executed by hand, for an in-depth analysis of SOAP requests and responses. The editor features syntax highlighting, making it easy to edit SOAP headers and craft manual attacks. Editing and sending SOAP messages is very similar to editing normal requests sent via the HTTP Editor.
Importing a WSDL and Sending a Request
- Click on the ‘Web Services Editor’ node in the Tools Explorer and enter the URL of the WSDL, or browse to the local WSDL file. Click Import to import all WSDL information.
- From the drop-down menus in the toolbar, select the Service, Port and Operation to be tested.
- Specify a value for each operation input and click Send to pass the SOAP request to the web service. The web service response can then be viewed in the lower window pane, either as raw XML or as a structured view.
Displays the response sent back from the web service in raw XML format.
Structured Data Tab
Presents the XML data received from the web service response using a hierarchy of nodes that show the value for each element.
WSDL Structure Tab
Presents a detailed view of the web service as described by the WSDL.
The WSDL information is structured in the form of nodes and sub-nodes and the main nodes of the tree structure are XML Schema and Services.
The XML Schema node lists all the ComplexTypes and the Elements of the web service. The Services node lists all the web service ports and their respective operations together with the resource details of the source of the SOAP data.
A more detailed WSDL structure can be shown by ticking ‘Show detailed WSDL structure’ at the bottom of the screen. This provides extensive information for each sub-node of the Services node, such as input messages and parameters.
This tab shows the actual WSDL data as XML. Using the toolbar at the bottom of the screen you can search for keywords or elements in the WSDL source and change the syntax highlighting if needed.
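The ‘Selection’ step of the scan wizard and the WSDL Structure tab both derive the same facts from a WSDL: which services and ports exist, the address each port listens on, which operations a port offers, how many inputs each operation accepts and the SOAPAction bound to it. The following is an added example, not code from this product, that resolves those facts from WSDL 1.1 (service → port → binding → portType → message → schema wrapper element) with the Python standard library. The WSDL it parses is constructed for the example; the service name CatalogService, its namespace and the endpoint http://localhost:8080/catalog are made up and stand for whatever the WSDL you import actually contains.

```python
import xml.etree.ElementTree as ET

WSDL = "{http://schemas.xmlsoap.org/wsdl/}"
SOAP = "{http://schemas.xmlsoap.org/wsdl/soap/}"
XSD = "{http://www.w3.org/2001/XMLSchema}"

# Constructed sample WSDL for this example (hypothetical service, not a real one).
SAMPLE_WSDL = """<?xml version="1.0"?>
<definitions name="Catalog" targetNamespace="http://example.test/catalog"
    xmlns="http://schemas.xmlsoap.org/wsdl/"
    xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
    xmlns:xsd="http://www.w3.org/2001/XMLSchema"
    xmlns:tns="http://example.test/catalog">
  <types>
    <xsd:schema targetNamespace="http://example.test/catalog" elementFormDefault="qualified">
      <xsd:element name="GetProduct">
        <xsd:complexType><xsd:sequence>
          <xsd:element name="productId" type="xsd:string"/>
          <xsd:element name="locale" type="xsd:string"/>
        </xsd:sequence></xsd:complexType>
      </xsd:element>
      <xsd:element name="GetProductResponse" type="xsd:string"/>
      <xsd:element name="ListProducts"><xsd:complexType><xsd:sequence/></xsd:complexType></xsd:element>
    </xsd:schema>
  </types>
  <message name="GetProductIn"><part name="parameters" element="tns:GetProduct"/></message>
  <message name="GetProductOut"><part name="parameters" element="tns:GetProductResponse"/></message>
  <message name="ListProductsIn"><part name="parameters" element="tns:ListProducts"/></message>
  <portType name="CatalogPortType">
    <operation name="GetProduct"><input message="tns:GetProductIn"/><output message="tns:GetProductOut"/></operation>
    <operation name="ListProducts"><input message="tns:ListProductsIn"/></operation>
  </portType>
  <binding name="CatalogSoapBinding" type="tns:CatalogPortType">
    <soap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/>
    <operation name="GetProduct"><soap:operation soapAction="http://example.test/catalog/GetProduct"/></operation>
    <operation name="ListProducts"><soap:operation soapAction="http://example.test/catalog/ListProducts"/></operation>
  </binding>
  <service name="CatalogService">
    <port name="CatalogSoap" binding="tns:CatalogSoapBinding">
      <soap:address location="http://localhost:8080/catalog"/>
    </port>
  </service>
</definitions>"""


def _local(qname):
    """Drop the prefix from a QName attribute value such as 'tns:GetProduct'."""
    return qname.split(":", 1)[-1]


def _input_count(message, schema_elements):
    """Inputs an operation accepts: one per typed part (rpc style), or one per child
    of the wrapper element's sequence for document/literal wrapped parts."""
    count = 0
    for part in message.findall(WSDL + "part"):
        if part.get("element") is None:
            count += 1
            continue
        wrapper = schema_elements.get(_local(part.get("element")))
        seq = None if wrapper is None else wrapper.find(XSD + "complexType/" + XSD + "sequence")
        count += 1 if seq is None else len(list(seq))
    return count


def enumerate_wsdl(wsdl_xml):
    """Return {service: {port: {"address": url, "operations": {name: {"inputs": n, "soapAction": s}}}}}."""
    root = ET.fromstring(wsdl_xml)
    schema_elements = {}
    for schema in root.iter(XSD + "schema"):
        for el in schema.findall(XSD + "element"):
            schema_elements[el.get("name")] = el
    messages = {m.get("name"): m for m in root.findall(WSDL + "message")}
    port_types = {p.get("name"): p for p in root.findall(WSDL + "portType")}
    bindings = {b.get("name"): b for b in root.findall(WSDL + "binding")}

    services = {}
    for svc in root.findall(WSDL + "service"):
        ports = {}
        for port in svc.findall(WSDL + "port"):
            binding = bindings[_local(port.get("binding"))]
            port_type = port_types[_local(binding.get("type"))]
            # SOAPAction values live on the binding, not on the portType
            actions = {}
            for bop in binding.findall(WSDL + "operation"):
                sop = bop.find(SOAP + "operation")
                actions[bop.get("name")] = "" if sop is None else sop.get("soapAction", "")
            operations = {}
            for op in port_type.findall(WSDL + "operation"):
                inp = op.find(WSDL + "input")
                msg = None if inp is None else messages[_local(inp.get("message"))]
                operations[op.get("name")] = {
                    "inputs": 0 if msg is None else _input_count(msg, schema_elements),
                    "soapAction": actions.get(op.get("name"), ""),
                }
            address = port.find(SOAP + "address")
            ports[port.get("name")] = {
                "address": None if address is None else address.get("location"),
                "operations": operations,
            }
        services[svc.get("name")] = ports
    return services


if __name__ == "__main__":
    for service, ports in enumerate_wsdl(SAMPLE_WSDL).items():
        for port, info in ports.items():
            print("%s / %s -> %s" % (service, port, info["address"]))
            for name, op in info["operations"].items():
                print("    %-14s inputs=%d  SOAPAction=%s" % (name, op["inputs"], op["soapAction"]))
```

Two things worth noting when you do this against a real target rather than the constructed sample. First, a WSDL downloaded from a system under test is untrusted XML; Python's ElementTree does not fetch external entities, but if you extend this to other parsers, or want protection against entity-expansion tricks, parse with defusedxml instead. Second, an operation that reports zero inputs (ListProducts above) still has a SOAP body and headers that can be tampered with, so do not exclude it from the scan just because the wizard shows no input fields for it.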
HTTP Editor Export
In the Web Services Editor you can export a SOAP request to the HTTP Editor by clicking on the HTTP Editor button in the Web Services Editor toolbar. The HTTP Editor tool will automatically import the data so the request can be customized and sent as an HTTP POST request.
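What the export hands to the HTTP Editor is an ordinary HTTP POST: the SOAP 1.1 envelope as a text/xml body, sent to the port's address with a quoted SOAPAction header. The following is an added example, not code from this product, that builds that envelope for an operation, renders the exact bytes of the POST, and flattens a response into the one-row-per-leaf form the Structured Data tab shows. The namespace http://example.test/catalog, the GetProduct operation with its productId and locale inputs, the endpoint http://localhost:8080/catalog and the sample response are all constructed for the example; the send_envelope helper assumes a plain-HTTP endpoint and is defined but not called, so the block runs offline.

```python
import http.client
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit
from xml.sax.saxutils import escape

SOAP_ENV = "http://schemas.xmlsoap.org/soap/envelope/"


def build_envelope(namespace, operation, params):
    """Wrap the operation's input values in a SOAP 1.1 envelope (document/literal
    wrapped style). Values are XML-escaped so that a test payload containing '<'
    or '&' reaches the service as data instead of breaking the envelope."""
    inputs = "".join("<tns:%s>%s</tns:%s>" % (name, escape(str(value)), name)
                     for name, value in params.items())
    return ('<?xml version="1.0" encoding="utf-8"?>'
            '<soapenv:Envelope xmlns:soapenv="%s" xmlns:tns="%s">'
            '<soapenv:Header/><soapenv:Body><tns:%s>%s</tns:%s></soapenv:Body>'
            '</soapenv:Envelope>' % (SOAP_ENV, namespace, operation, inputs, operation))


def build_http_request(endpoint, soap_action, envelope):
    """Render the envelope as the raw HTTP POST an HTTP Editor export carries:
    POST to the port address, text/xml body, quoted SOAPAction header."""
    url = urlsplit(endpoint)
    body = envelope.encode("utf-8")
    headers = [("Host", url.netloc),
               ("Content-Type", "text/xml; charset=utf-8"),
               ("SOAPAction", '"%s"' % soap_action),
               ("Content-Length", str(len(body)))]
    head = "POST %s HTTP/1.1\r\n" % (url.path or "/")
    head += "".join("%s: %s\r\n" % (k, v) for k, v in headers) + "\r\n"
    return head.encode("ascii") + body


def send_envelope(endpoint, soap_action, envelope, timeout=10):
    """Deliver the request over plain HTTP (assumption: no TLS) and return
    (status, response body). Not invoked below so the example stays offline."""
    url = urlsplit(endpoint)
    conn = http.client.HTTPConnection(url.hostname, url.port or 80, timeout=timeout)
    conn.request("POST", url.path or "/", body=envelope.encode("utf-8"),
                 headers={"Content-Type": "text/xml; charset=utf-8",
                          "SOAPAction": '"%s"' % soap_action})
    resp = conn.getresponse()
    return resp.status, resp.read()


def structured_view(response_xml):
    """Flatten a SOAP response into (path, value) rows: one row per leaf element,
    namespace prefixes dropped from the path, as the Structured Data tab does."""
    rows = []

    def walk(node, path):
        here = path + "/" + node.tag.rsplit("}", 1)[-1]
        children = list(node)
        if not children:
            rows.append((here, (node.text or "").strip()))
        for child in children:
            walk(child, here)

    walk(ET.fromstring(response_xml), "")
    return rows


# Constructed response for the example; not captured from a real service.
SAMPLE_RESPONSE = (
    '<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">'
    '<soapenv:Body><GetProductResponse xmlns="http://example.test/catalog">'
    '<product><id>42</id><name>Widget</name></product>'
    '</GetProductResponse></soapenv:Body></soapenv:Envelope>')

if __name__ == "__main__":
    # a hand-crafted probe value in place of the default input, as a manual attack would use
    env = build_envelope("http://example.test/catalog", "GetProduct",
                         {"productId": "42' OR '1'='1", "locale": "en"})
    print(build_http_request("http://localhost:8080/catalog",
                             "http://example.test/catalog/GetProduct", env).decode())
    for path, value in structured_view(SAMPLE_RESPONSE):
        print(path, "=", value)
```

The escaping in build_envelope is the detail that matters when you customise a manual attack: a probe value such as `<script>` or `a&b` typed straight into the raw XML view produces a malformed envelope that the service rejects before any application code sees it, whereas the escaped form `&lt;script&gt;` is decoded by the service's XML parser and reaches the operation's handler as the intended characters. Conversely, if you want to test the service's XML parser itself rather than the operation, edit the exported request in the HTTP Editor and send the unescaped bytes on purpose.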