Meow's CyberAttack - Application/Server Attacks - Injection - SOAP injection
book: CEH Prep ch6
Meow’s CyberAttack - Application/Server Attacks - Injection - SOAP injection
SOAP injection
Simple Object Access Protocol (SOAP) is designed to exchange structured information > in web services in computer networks and uses XML > to format information.
You can inject malicious query strings (much like SQL injection, as a matter of fact) that may allow you to bypass authentication and access databases behind the scenes.
SOAP is compatible with HTTP and SMTP, and messages are typically “one way” in nature.
This post is licensed under CC BY 4.0 by the author.
Comments powered by Disqus.