Web Services Description Language (WSDL) is an XML-based language used to describe the functionality offered by a web service. Often while executing a pentest project, we may find a WSDL file out in the open, unauthenticated. In this recipe, we will look at how we can benefit from WSDL.
We intercept the request of WSDL in Burp:
- Right-click on the request and select
Parse WSDL
:
- Switch to the
Wsdler
tab, and we will see all the service calls. We can see the complete request by clicking on any one of them:
- To be able to play around with it, we will need to send it to the
Repeater
:
- We right-click and select
Send to Repeater
:
- In our case, we can see that putting a single quote throws up an error. And voila! We have an SQL injection possibility!
The following screenshot shows the SQL injection:
You will learn more about exploiting SQL in the later chapters of the book.