How much longer must we dwell, with W-S-D-L?

W-S-D-L,
it stands for Web Service Description Language
So we must not forget
which
application this came with.

It’s a XML-based file
exposed,
informing clients
of convention calling methods
and services that’s provided.

It should never be
be accessible,
But did the dev
try to hide it in an uncommon location?
Is the question though.

Suppose
you’re assessing a SOAP service residing
And have not been told
a W-S-D-L file is hiding.

Start by doing
a basic directory fuzz
on the service,
It’ll get logged
but not enough
to make Administrators nervous.

On one side
we scan with dirb
the other side it’s FFUF,
Like some times
we feel at peace,
but otherwise….
it’s rough.

Verify valid params
then issue a new request,
To identify the services
SOAP,
will let us test.

Now the next part of this quest,
Is to see if we can leverage,
the file that we’ve identified
so we can get our lettuce.

If SOAPAction attribute’s
that’s all
considered by the service…..
Guess what?
a spoofing vulnerability might surface.
Then,

How much longer must we dwell, with W-S-D-L?

I hope this was entertaining and intriguing enough for someone, somewhere to take away a new thing or two. Thanks for reading. As always, remember- You’re Awesome! Namaste’.

Please, clap, share, and subscribe for more!