Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/anil-yelken/Vulnerable-Soap-Service
Erlik - Vulnerable Soap Service
https://github.com/anil-yelken/Vulnerable-Soap-Service
appsec owasp soap soap-python soap-web-app soap-webservice vulnerabilities vulnerability vulnerability-detection vulnerable-application vulnerable-soap-server vulnerable-soap-service vulnerable-web-app vulnerable-web-application web web-application web-hacking web-penetration-testing web-pentest web-pentesters
Last synced: 3 months ago
JSON representation
Erlik - Vulnerable Soap Service
- Host: GitHub
- URL: https://github.com/anil-yelken/Vulnerable-Soap-Service
- Owner: anil-yelken
- License: gpl-3.0
- Created: 2022-08-17T17:20:32.000Z (almost 2 years ago)
- Default Branch: main
- Last Pushed: 2022-09-29T08:28:58.000Z (almost 2 years ago)
- Last Synced: 2024-01-21T02:09:09.359Z (6 months ago)
- Topics: appsec, owasp, soap, soap-python, soap-web-app, soap-webservice, vulnerabilities, vulnerability, vulnerability-detection, vulnerable-application, vulnerable-soap-server, vulnerable-soap-service, vulnerable-web-app, vulnerable-web-application, web, web-application, web-hacking, web-penetration-testing, web-pentest, web-pentesters
- Language: Python
- Homepage:
- Size: 1.32 MB
- Stars: 92
- Watchers: 2
- Forks: 24
- Open Issues: 1
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Lists
- awesome-pentest-cheat-sheets - Vulnerable SOAP Web Service - a vulnerable SOAP web service lab environment (Learning Platforms / Off-Line)
- awesome-pentest-cheat-sheets - Vulnerable SOAP Web Service - a vulnerable SOAP web service lab environment (Learning Platforms / 🗝 Privilege Escalation)
README
# Vulnerable-Soap-Service
Erlik - Vulnerable Soap ServiceTested - Kali 2022.1
## Description
It is a vulnerable SOAP web service. It is a lab environment created for people who want to improve themselves in the field of web penetration testing.
## Features
It contains the following vulnerabilities.
-LFI
-SQL Injection
-Information Disclosure
-Command Injection
-Brute Force
-Deserialization
## Installation
git clone https://github.com/anil-yelken/Vulnerable-Soap-Servicecd Vulnerable-Soap-Service
sudo pip3 install -r requirements.txt
## Usage
sudo python3 vulnerable_soap.py
## Exploiting Vulnerabilities
### LFI
Code:https://github.com/anil-yelken/Vulnerable-Soap-Service/blob/main/lfi.py
### SQL Injection
Code:https://github.com/anil-yelken/Vulnerable-Soap-Service/blob/main/sqli.py
### Information Disclosure
Code:https://github.com/anil-yelken/Vulnerable-Soap-Service/blob/main/get_logs_information_disclosure.py
Code:https://github.com/anil-yelken/Vulnerable-Soap-Service/blob/main/get_data_information_disclosure.py
### Command Injection
Code:https://github.com/anil-yelken/Vulnerable-Soap-Service/blob/main/commandi.py
### Brute Force
Code:https://github.com/anil-yelken/Vulnerable-Soap-Service/blob/main/brute.py
### Deserialization
Code:
https://github.com/anil-yelken/Vulnerable-Soap-Service/blob/main/deserialization_socket.py
https://github.com/anil-yelken/Vulnerable-Soap-Service/blob/main/deserialization_requests.py