Web Service Attacks By Category

From WS-Attacks

This wiki aims to list all web service specific attacks. It includes attacks that are:

  • based on flaws in the standards themselves
  • based on implementation specific weaknesses found across all major platforms

Attacks that are specific to particular versions of particular frameworks are not included in this wiki to date.


Attack categories

The web service specific attacks are not listed alphabetically. Instead, four categories were created, each grouping the attacks by the security objective they primarily violate. To view the attacks, click on one of the four categories, depending on your point of view. Each categorisation contains the same attacks.



List of all attacks

Attacks primarily violating the security objective “Availability”

BPEL Instantiation Flooding

BPEL Indirect Flooding

BPEL State Deviation

Coercive Parsing

Oversized XML DOS aka Oversized XML attack

Reference Redirect

Recursive Cryptography aka Oversized Cryptography aka Cryptography DOS aka XML Complexity Attack in SOAP Header

SOAP Array Attack

SOAP Parameter DOS aka Parameter Tampering

WS-Addressing spoofing

XML Document Size Attack aka Oversize payload attack aka Jumbo payload Attack

XML Encryption - Transformation DOS

XML External Entity DOS

XML Entity Expansion

XML Entity Reference Attack

XML Flooding

XML Signature - Key Retrieval DOS

XML Signature - Transformation DOS


Attacks primarily violating the security objective “Integrity”

Active WS-MITM

Metadata Spoofing aka Schema Poisoning

XML Signature Wrapping aka XML Rewriting

XML Signature Exclusion

Attacks primarily violating the security objective “Confidentiality”

Passive WS-MITM aka Message Sniffing aka Message Snooping

WSDL Disclosure

Adaptive Chosen-Ciphertext Attacks

Backwards Compatibility Attacks

Attacks primarily violating the security objective “Access Control”

Replay Attack

SOAPAction Spoofing


Other attacks

Attack Obfuscation

XML Injection

XML Signature - Key Retrieval XSA (Cross Site Attack)

XML Signature - XSLT Code Execution

XPath Injection