The Legendary Command Injection via Password
·
By
Tim MalcomVetter,
Chris Bellows
·
When you work with a talented team of penetration testers, after a while only the most noteworthy vulnerabilities stand out in the collective memory of the team. Chris has found more than one of those, but one exploit in particular has resurfaced in team discussions for over a year. The story of this exploit has taken on a life of its own, growing in its embellishment to near-legend status within the team.
Continue reading
Using Burp Suite to Test Web Services with WS-Security
·
By
Chris Bellows
·
During a recent engagement we ran into a web service endpoint that was using WS-Security for authentication, specifically it was using the “Username Token” profile. At first look it did not appear to be an issue for testing as it looks like we only needed to include the proper credentials in the SOAP document header, unfortunately it was a bit more complicated.
Continue reading
