A Gateway for Normal Users to Abuse Privileged Service Methods
Windows Communication Foundation (WCF) is a framework for building service-oriented applications in the .NET Framework.
A trend that the VerSprite Research team noticed in .NET services is the exposure of dangerous methods through insecure WCF endpoints.
Additionally, most of these services are started automatically as LocalSystem, which is the highest user privilege level available.
This results in a situation where a WCF endpoint may become a gateway for normal users to abuse privileged service methods.
Identify Vulnerable WCF Services
Download this presentation for a high-level overview of the WCF terminals and receive a practical analysis.
- Learn useful techniques to identify vulnerable WCF services
- Discover what to look for when analyzing decomposed .NET assemblies, including those that have been obfuscated
- Watch a demonstration of attacks against real software