Saturday, August 29, 2020

Support For XXE Attacks In SAML In Our Burp Suite Extension


In this post we present the new version of the Burp Suite extension EsPReSSO - Extension for Processing and Recognition of Single Sign-On Protocols. A DTD attacker was implemented on SAML services that was based on the DTD Cheat Sheet by the Chair for Network and Data Security (https://web-in-security.blogspot.de/2016/03/xxe-cheat-sheet.html). In addition, many fixes were added and a new SAML editor was merged. You can find the newest version release here: https://github.com/RUB-NDS/BurpSSOExtension/releases/tag/v3.1

New SAML editor

Before the new release, EsPReSSO had a simple SAML editor where the decoded SAML messages could be modified by the user. We extended the SAML editor so that the user has the possibility to define the encoding of the SAML message and to select their HTTP binding (HTTP-GET or HTTP-POST).

Redesigned SAML Encoder/Decoder

Enhancement of the SAML attacker

XML Signature Wrapping and XML Signature Faking attacks have already been part of the previous EsPReSSO version. Now the user can also perform DTD attacks! The user can select from 18 different attack vectors and manually refine them all before applying the change to the original message. Additional attack vectors can also be added by extending the XML config file of the DTD attacker.
The DTD attacker can also be started in a fully automated mode. This functionality is integrated in the BurpSuite Intruder.

DTD Attacker for SAML messages

Supporting further attacks

We implemented a CertificateViewer which extracts and decodes the certificates contained within the SAML tokens. In addition, a user interface for executing SignatureExclusion attack on SAML has been implemented.

Additional functions will follow in later versions.

Currently we are working on XML Encryption attacks.

This is a combined work from Nurullah Erinola, Nils Engelbertz, David Herring, Juraj Somorovsky, and Vladislav Mladenov.

The research was supported by the European Commission through the FutureTrust project (grant 700542-Future-Trust-H2020-DS-2015-1).

Related word


  1. Hacker Tools For Pc
  2. Hacker Tools 2019
  3. Pentest Tools Subdomain
  4. Usb Pentest Tools
  5. Hacker Tools Linux
  6. Tools For Hacker
  7. Hack Tools Pc
  8. World No 1 Hacker Software
  9. Best Pentesting Tools 2018
  10. Computer Hacker
  11. Pentest Tools Kali Linux
  12. Hack Tools
  13. Wifi Hacker Tools For Windows
  14. Hack Tools For Ubuntu
  15. Pentest Tools Port Scanner
  16. Termux Hacking Tools 2019
  17. Nsa Hacker Tools
  18. Hacker Tools Apk
  19. Hak5 Tools
  20. Hacker Techniques Tools And Incident Handling
  21. Pentest Tools Review
  22. Hacker Tools Software
  23. Hack Tools For Ubuntu
  24. Hacking Tools Mac
  25. Hacking Tools Windows 10
  26. Pentest Tools For Android
  27. Hack Tools 2019
  28. Pentest Tools Apk
  29. Hacker Search Tools
  30. Hack Rom Tools
  31. Hacking Tools Online
  32. Hack Tool Apk No Root
  33. Wifi Hacker Tools For Windows
  34. Hacking App
  35. Pentest Tools Linux
  36. Hack Tools Mac
  37. Hacker
  38. Pentest Automation Tools
  39. What Are Hacking Tools
  40. Pentest Tools Open Source
  41. Ethical Hacker Tools
  42. Pentest Tools Free
  43. Pentest Tools Windows
  44. Hackrf Tools
  45. Hacking Tools Github
  46. Blackhat Hacker Tools
  47. Hacking Tools For Kali Linux
  48. Hacker Tools Online
  49. Nsa Hack Tools Download
  50. Github Hacking Tools
  51. Hacking Tools Windows 10
  52. Hacker Tools For Mac
  53. Hack Tools
  54. Hack Tools Github
  55. How To Hack
  56. Best Hacking Tools 2020
  57. Best Hacking Tools 2019
  58. Pentest Automation Tools
  59. Hacker Hardware Tools
  60. Pentest Tools Alternative
  61. Hacking Tools Online
  62. Hacking Tools For Windows Free Download
  63. Hacking Tools Kit
  64. Hacker Tools For Mac
  65. Hacker Tools List
  66. Pentest Tools List
  67. Pentest Tools Free
  68. Hack And Tools
  69. Hacking Tools For Windows 7
  70. Hacker Search Tools
  71. Ethical Hacker Tools
  72. Pentest Automation Tools
  73. Usb Pentest Tools
  74. Pentest Tools Website
  75. Hacker Tools Software
  76. Underground Hacker Sites
  77. Hacking Apps
  78. Tools For Hacker
  79. Easy Hack Tools
  80. Pentest Tools Website
  81. Hacker Tools Apk
  82. Termux Hacking Tools 2019
  83. Pentest Tools Framework
  84. Hacking Tools For Kali Linux
  85. Hacking Tools For Mac
  86. How To Hack
  87. Hacker Techniques Tools And Incident Handling
  88. How To Install Pentest Tools In Ubuntu
  89. Hacker Search Tools
  90. Hacking Tools Software
  91. Hacker Tools Mac
  92. Pentest Tools Bluekeep
  93. Hack Tools For Ubuntu
  94. Hack And Tools
  95. Easy Hack Tools
  96. Hacking Tools Mac
  97. Kik Hack Tools
  98. Hacker Tools Hardware
  99. Bluetooth Hacking Tools Kali
  100. Pentest Recon Tools
  101. Pentest Box Tools Download
  102. Pentest Tools Alternative
  103. Computer Hacker
  104. Hack Tool Apk
  105. Hacker Tools For Windows
  106. Hacking Tools For Windows
  107. Pentest Tools Free
  108. Hacker Tools Mac
  109. Hacker Tools Apk
  110. Hacking Tools Name
  111. Hacking Tools For Mac
  112. Hacking Tools
  113. Hacker Tools For Ios
  114. Free Pentest Tools For Windows
  115. Pentest Tools Review
  116. Hack App
  117. Nsa Hacker Tools
  118. Hacker Tools Apk
  119. Hacker Tools Free Download
  120. What Is Hacking Tools
  121. Hack And Tools
  122. Pentest Tools For Windows
  123. Bluetooth Hacking Tools Kali
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)