Support For XXE Attacks In SAML In Our Burp Suite Extension


In this post we present the new version of the Burp Suite extension EsPReSSO - Extension for Processing and Recognition of Single Sign-On Protocols. A DTD attacker was implemented on SAML services that was based on the DTD Cheat Sheet by the Chair for Network and Data Security (https://web-in-security.blogspot.de/2016/03/xxe-cheat-sheet.html). In addition, many fixes were added and a new SAML editor was merged. You can find the newest version release here: https://github.com/RUB-NDS/BurpSSOExtension/releases/tag/v3.1

New SAML editor

Before the new release, EsPReSSO had a simple SAML editor where the decoded SAML messages could be modified by the user. We extended the SAML editor so that the user has the possibility to define the encoding of the SAML message and to select their HTTP binding (HTTP-GET or HTTP-POST).

Redesigned SAML Encoder/Decoder

Enhancement of the SAML attacker

XML Signature Wrapping and XML Signature Faking attacks have already been part of the previous EsPReSSO version. Now the user can also perform DTD attacks! The user can select from 18 different attack vectors and manually refine them all before applying the change to the original message. Additional attack vectors can also be added by extending the XML config file of the DTD attacker.
The DTD attacker can also be started in a fully automated mode. This functionality is integrated in the BurpSuite Intruder.

DTD Attacker for SAML messages

Supporting further attacks

We implemented a CertificateViewer which extracts and decodes the certificates contained within the SAML tokens. In addition, a user interface for executing SignatureExclusion attack on SAML has been implemented.

Additional functions will follow in later versions.

Currently we are working on XML Encryption attacks.

This is a combined work from Nurullah Erinola, Nils Engelbertz, David Herring, Juraj Somorovsky, and Vladislav Mladenov.

The research was supported by the European Commission through the FutureTrust project (grant 700542-Future-Trust-H2020-DS-2015-1).

Related word


  1. Hackers Toolbox
  2. Hacking Apps
  3. Pentest Tools List
  4. Hacker Tools Windows
  5. Hack Tools Download
  6. Pentest Tools Find Subdomains
  7. Hack App
  8. Pentest Tools Website Vulnerability
  9. Pentest Tools For Android
  10. Beginner Hacker Tools
  11. Free Pentest Tools For Windows
  12. Pentest Tools Tcp Port Scanner
  13. Hacking Tools For Windows 7
  14. Pentest Tools Website
  15. Hack Tools Github
  16. Pentest Tools For Mac
  17. Pentest Tools Nmap
  18. Pentest Tools Online
  19. Hacking Tools Usb
  20. Hack Tools For Games
  21. Pentest Tools Website Vulnerability
  22. Tools Used For Hacking
  23. Hack Apps
  24. Hacker Tools Free
  25. Hacker Tools Mac
  26. Pentest Tools Open Source
  27. Hacking Tools Windows 10
  28. Underground Hacker Sites
  29. Hacker Tools 2020
  30. Beginner Hacker Tools
  31. Pentest Tools Website Vulnerability
  32. Pentest Tools Android
  33. Hacking Tools For Windows 7
  34. How To Install Pentest Tools In Ubuntu
  35. Hacking Apps
  36. Pentest Tools Kali Linux
  37. Pentest Tools For Windows
  38. How To Make Hacking Tools
  39. Nsa Hacker Tools
  40. Hacking Tools For Mac
  41. Hacker Tools For Windows
  42. Hacking Tools For Games
  43. Underground Hacker Sites
  44. Hak5 Tools
  45. Hacker Tools Free Download
  46. Hacking Tools Software
  47. Pentest Tools Subdomain
  48. Hacker Tools List
  49. Hack Tools Download
  50. Pentest Tools Website Vulnerability
  51. Pentest Tools Find Subdomains
  52. Nsa Hacker Tools
  53. Hacking App
  54. Hacker Search Tools
  55. Hacking Tools Usb
  56. Top Pentest Tools
  57. Physical Pentest Tools
  58. Hacking Tools For Kali Linux
  59. Hacking Tools 2020
  60. Pentest Tools For Mac
  61. Hacker Tools Online
  62. Hacker Tools Online
  63. Pentest Tools For Windows
  64. Hacking Tools For Windows Free Download
  65. Wifi Hacker Tools For Windows
  66. What Are Hacking Tools
  67. Hacker Tools List
  68. Pentest Tools Review
  69. Pentest Tools For Mac
  70. Top Pentest Tools
  71. Hacker Security Tools
  72. Hackers Toolbox
  73. Hacker Tools Windows
  74. Hacking Tools For Windows 7
  75. Hacker Techniques Tools And Incident Handling
  76. Pentest Tools Windows
  77. Pentest Tools Port Scanner
  78. Pentest Tools Kali Linux
  79. Hack Tools 2019
  80. Kik Hack Tools
  81. Pentest Tools Port Scanner
  82. Hacking Tools Mac
  83. Hacking Tools Free Download
  84. Physical Pentest Tools
  85. Kik Hack Tools
  86. Pentest Reporting Tools
  87. Hacking Tools Windows
  88. Blackhat Hacker Tools
  89. Easy Hack Tools
  90. Hack And Tools
  91. Pentest Automation Tools
  92. Pentest Tools Tcp Port Scanner
  93. Hacking Tools For Windows
  94. Pentest Tools Tcp Port Scanner
  95. Hack Tools 2019
  96. Hacker Tools Online
  97. Free Pentest Tools For Windows
  98. Pentest Tools Alternative
  99. Pentest Tools Port Scanner
  100. Hack Tools Online
  101. Pentest Tools Port Scanner
  102. Hack Apps
  103. Hacker Search Tools
  104. Wifi Hacker Tools For Windows
  105. Hacking Tools Download
  106. Pentest Tools Website Vulnerability
  107. Hak5 Tools
  108. Install Pentest Tools Ubuntu
  109. What Are Hacking Tools
  110. Hacking Tools For Beginners
  111. Growth Hacker Tools
  112. How To Hack
  113. Hack Apps
  114. Hacker Tools Mac
  115. Kik Hack Tools
  116. How To Install Pentest Tools In Ubuntu
  117. Tools 4 Hack
  118. Pentest Tools Alternative
  119. Computer Hacker
  120. Hacker Tools For Windows
  121. Hacker Tools Hardware
  122. Hack Tools Online
  123. New Hacker Tools

0 komentar: