Saturday, August 22, 2020

Support For XXE Attacks In SAML In Our Burp Suite Extension


In this post we present the new version of the Burp Suite extension EsPReSSO - Extension for Processing and Recognition of Single Sign-On Protocols. A DTD attacker was implemented on SAML services that was based on the DTD Cheat Sheet by the Chair for Network and Data Security (https://web-in-security.blogspot.de/2016/03/xxe-cheat-sheet.html). In addition, many fixes were added and a new SAML editor was merged. You can find the newest version release here: https://github.com/RUB-NDS/BurpSSOExtension/releases/tag/v3.1

New SAML editor

Before the new release, EsPReSSO had a simple SAML editor where the decoded SAML messages could be modified by the user. We extended the SAML editor so that the user has the possibility to define the encoding of the SAML message and to select their HTTP binding (HTTP-GET or HTTP-POST).

Redesigned SAML Encoder/Decoder

Enhancement of the SAML attacker

XML Signature Wrapping and XML Signature Faking attacks have already been part of the previous EsPReSSO version. Now the user can also perform DTD attacks! The user can select from 18 different attack vectors and manually refine them all before applying the change to the original message. Additional attack vectors can also be added by extending the XML config file of the DTD attacker.
The DTD attacker can also be started in a fully automated mode. This functionality is integrated in the BurpSuite Intruder.

DTD Attacker for SAML messages

Supporting further attacks

We implemented a CertificateViewer which extracts and decodes the certificates contained within the SAML tokens. In addition, a user interface for executing SignatureExclusion attack on SAML has been implemented.

Additional functions will follow in later versions.

Currently we are working on XML Encryption attacks.

This is a combined work from Nurullah Erinola, Nils Engelbertz, David Herring, Juraj Somorovsky, and Vladislav Mladenov.

The research was supported by the European Commission through the FutureTrust project (grant 700542-Future-Trust-H2020-DS-2015-1).
Continue reading
  1. Hacking Tools Free Download
  2. Pentest Tools Online
  3. Hack Tools Download
  4. Pentest Tools Find Subdomains
  5. Hacking Tools Windows
  6. Nsa Hack Tools
  7. Hacker Tools For Pc
  8. Best Hacking Tools 2020
  9. Wifi Hacker Tools For Windows
  10. Hacker Tools 2019
  11. Hacking Tools 2019
  12. Usb Pentest Tools
  13. Hacking Tools Download
  14. Hacking Tools For Windows
  15. Top Pentest Tools
  16. Pentest Tools Open Source
  17. Hacker Tools Apk Download
  18. Pentest Tools Android
  19. Nsa Hack Tools Download
  20. Hacking Tools Pc
  21. Black Hat Hacker Tools
  22. Hacking Tools Mac
  23. Nsa Hacker Tools
  24. Hacks And Tools
  25. Hack Tools For Ubuntu
  26. Hack Rom Tools
  27. Hack Apps
  28. Hacker Tools List
  29. Hack Tools
  30. Pentest Tools List
  31. Hack App
  32. Hacker Tools 2019
  33. Github Hacking Tools
  34. New Hack Tools
  35. Hack Tools Pc
  36. Wifi Hacker Tools For Windows
  37. Hacking Tools
  38. Hacking Tools For Beginners
  39. Hack Tools For Pc
  40. Pentest Tools Bluekeep
  41. Best Pentesting Tools 2018
  42. Hacker Tools Windows
  43. New Hack Tools
  44. Hack Apps
  45. Hacking Tools For Pc
  46. Hack Apps
  47. Hacking Tools Github
  48. Nsa Hacker Tools
  49. Hack Tools
  50. Tools For Hacker
  51. Pentest Tools Android
  52. Hack Tools For Ubuntu
  53. Hacking Tools Windows 10
  54. Hacker Tools Free Download
  55. Hacking Tools
  56. Hacker Tools Mac
  57. Hacking Tools Free Download
  58. Hacking Tools Pc
  59. Hack And Tools
  60. Hack Tools For Pc
  61. Hacker Tools For Pc
  62. Hacking Tools
  63. Pentest Tools List
  64. Usb Pentest Tools
  65. Hacker Tools For Ios
  66. Hacking Tools For Mac
  67. Pentest Tools For Windows
  68. Hacking Tools
  69. Pentest Reporting Tools
  70. Hacking Tools Pc
  71. Android Hack Tools Github
  72. Pentest Tools For Windows
  73. Hacking Tools For Windows 7
  74. Pentest Tools List
  75. Hacking Tools
  76. Hacking Tools
  77. Game Hacking
  78. Pentest Tools Tcp Port Scanner
  79. Pentest Tools Port Scanner
  80. Hacking Tools Free Download
  81. Hacking Apps
  82. Pentest Tools For Android
  83. World No 1 Hacker Software
  84. Hacker Tools Free Download
  85. Best Pentesting Tools 2018
  86. How To Hack
  87. Hacking Tools For Beginners
  88. Hack Tools Download
  89. Pentest Tools Website
  90. Hacking Tools For Games
  91. Hack App
  92. Hack App
Posted by at

No comments:

Post a Comment

Have something to say about one of the videos or blogs, well here is a chance to do that now!!! Yes, you can do it, you know you can!!!!!

Subscribe to: Post Comments (Atom)