minat sekali: Support For XXE Attacks In SAML In Our Burp Suite Extension

Friday, 28 August 2020

In this post we present the new version of the Burp Suite extension EsPReSSO (Extension for Processing and Recognition of Single Sign-On Protocols). We implemented a DTD attacker for SAML services, based on the DTD Cheat Sheet by the Chair for Network and Data Security (https://web-in-security.blogspot.de/2016/03/xxe-cheat-sheet.html). In addition, many fixes were added and a new SAML editor was merged. You can find the newest release here: https://github.com/RUB-NDS/BurpSSOExtension/releases/tag/v3.1

New SAML editor

Before the new release, EsPReSSO had a simple SAML editor in which the user could modify the decoded SAML messages. We extended the SAML editor so that the user can define the encoding of the SAML message and select the HTTP binding (HTTP-GET or HTTP-POST).

Redesigned SAML Encoder/Decoder

Enhancement of the SAML attacker

XML Signature Wrapping and XML Signature Faking attacks were already part of the previous EsPReSSO version. Now the user can also perform DTD attacks! The user can select from 18 different attack vectors and manually refine each of them before applying the change to the original message. Additional attack vectors can be added by extending the XML config file of the DTD attacker.
The DTD attacker can also be started in a fully automated mode. This functionality is integrated into the Burp Suite Intruder.
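The DTD attacker above exists because a service that parses SAML messages with DTD processing enabled can be attacked through the message itself. As an added example (not part of EsPReSSO or the original post), the following stdlib-only Python decodes a message from the two HTTP bindings the new editor lets you choose between and then refuses to process it as soon as a DOCTYPE appears, which is the check a service provider should have. The function and variable names and the minimal SAML Response are constructed for this demo.

```python
import base64
import zlib
import xml.parsers.expat

class UnsafeSamlMessage(ValueError):
    """The decoded SAML message declares a DTD, the precondition for XXE."""

def encode_saml(xml_text, binding):
    # HTTP-POST: base64 only. HTTP-Redirect: raw DEFLATE (no zlib header), then base64.
    data = xml_text.encode("utf-8")
    if binding == "HTTP-Redirect":
        comp = zlib.compressobj(9, zlib.DEFLATED, -15)
        data = comp.compress(data) + comp.flush()
    elif binding != "HTTP-POST":
        raise ValueError("unknown binding: " + binding)
    return base64.b64encode(data).decode("ascii")

def decode_saml(value, binding):
    # Reverse of encode_saml: base64-decode, then inflate for HTTP-Redirect.
    data = base64.b64decode(value)
    if binding == "HTTP-Redirect":
        data = zlib.decompress(data, -15)
    elif binding != "HTTP-POST":
        raise ValueError("unknown binding: " + binding)
    return data.decode("utf-8")

def parse_saml_without_dtd(xml_text):
    # Parse with expat and abort on the DOCTYPE declaration itself, before any
    # entity it declares can take effect. Returns element names in document order.
    parser = xml.parsers.expat.ParserCreate()
    seen = []
    def reject_doctype(name, sysid, pubid, has_internal_subset):
        raise UnsafeSamlMessage("DOCTYPE %r in SAML message" % name)
    parser.StartDoctypeDeclHandler = reject_doctype
    parser.StartElementHandler = lambda name, attrs: seen.append(name)
    parser.Parse(xml_text, True)
    return seen

def accept_saml(value, binding):
    # Decode a bound message and parse it; False if it smuggled a DTD.
    try:
        return bool(parse_saml_without_dtd(decode_saml(value, binding)))
    except UnsafeSamlMessage:
        return False

# Constructed samples: a minimal benign Response and the same message with a DTD.
BENIGN = ('<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
          'xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_r1">'
          '<saml:Issuer>https://idp.example</saml:Issuer></samlp:Response>')
WITH_DTD = '<!DOCTYPE samlp:Response [<!ENTITY ext "x">]>' + BENIGN.replace("https://idp.example", "&ext;")
```

Any of the extension's 18 DTD vectors has to start with a DOCTYPE, so rejecting at that point covers all of them regardless of which entity trick follows.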

DTD Attacker for SAML messages

Supporting further attacks

We implemented a CertificateViewer that extracts and decodes the certificates contained in the SAML tokens. In addition, a user interface for executing the Signature Exclusion attack on SAML has been implemented.

Additional functions will follow in later versions.

Currently we are working on XML Encryption attacks.

This is a combined work from Nurullah Erinola, Nils Engelbertz, David Herring, Juraj Somorovsky, and Vladislav Mladenov.

The research was supported by the European Commission through the FutureTrust project (grant 700542-Future-Trust-H2020-DS-2015-1).

