Burp Suite User Forum

Create new post

BURP WS-Security SOAP Webservices security testing

Tejo | Last updated: Jan 24, 2018 07:43PM UTC

I see the raw request with junk data for one of the operation in Wsdler. I added the Send to Intruder for the request in wsdler operation and when I navigate to Intruder, I encountered an error.Can you please suggest the way how I can add the keystore to make the encryption and decryption successful and how to verify the security of the web services?

PortSwigger Agent | Last updated: Jan 25, 2018 10:26AM UTC

Hi Tejo, Thanks for getting in touch. Unfortunately, we can only provide limited support for extensions in the BApp Store. You may get a better response from the extension author. Two questions though: 1) Can you share the URL of the WSDL you're working with? 2) We're not quite sure what kind of encryption you would encounter within a WSDL file. Can you provide some screenshots? Please let us know if you need any further assistance.

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.