Abusing Insecure Windows Communication Foundation (WCF) Endpoints Abusing Insecure Windows Communication Foundation (WCF) Endpoints

Abusing Insecure WCF Endpoints

Exposure of Dangerous Methods Through Insecure WCF Endpoints

A Gateway for Normal Users to Abuse Privileged Service Methods

Windows Communication Foundation (WCF) is a framework for building service-oriented applications in the .NET Framework.

A trend that the VerSprite Research team noticed in .NET services is the exposure of dangerous methods through insecure WCF endpoints. Additionally, most of these services are started automatically as LocalSystem, which is the highest user privilege level available.

This results in a situation where a WCF endpoint may become a gateway for normal users to abuse privileged service methods.

Identify Vulnerable WCF Services

Download this presentation for a high-level overview of the WCF terminals and receive a practical analysis.

  • Learn useful techniques to identify vulnerable WCF services
  • Discover what to look for when analyzing decomposed .NET assemblies, including those that have been obfuscated
  • Watch a demonstration of attacks against real software

View Presentation

We are an international squad of professionals working as one.

logos