1 parent
dde12f4
commit 5762f92
Showing
1 changed file
with
43 additions
and
37 deletions.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
@@ -1,52 +1,58 @@ | ||
<?php | ||
// Pull in the NuSOAP code | ||
require_once('./lib/nusoap.php'); | ||
// Create the server instance | ||
// Pull in the NuSOAP library | ||
use nusoap_server; | ||
|
||
// Assuming nusoap_server is the class you need from the nusoap library | ||
require_once './lib/nusoap.php'; | ||
|
||
// Create the SOAP server instance | ||
$server = new soap_server(); | ||
// Initialize WSDL support | ||
|
||
// Initialize WSDL (Web Service Definition Language) support | ||
$server->configureWSDL('hellowsdl', 'urn:hellowsdl'); | ||
// Register the method to expose | ||
$server->register('hello', // method name | ||
array('name' => 'xsd:string'), // input parameters | ||
array('return' => 'xsd:string'), // output parameters | ||
'urn:hellowsdl', // namespace | ||
'urn:hellowsdl#hello', // soapaction | ||
'rpc', // style | ||
'encoded', // use | ||
|
||
// Register the "hello" method to expose as a SOAP function | ||
$server->register( | ||
'hello', // method name | ||
array('name' => 'xsd:string'), // input parameter | ||
array('return' => 'xsd:string'), // output parameter | ||
'urn:hellowsdl', // namespace | ||
'urn:hellowsdl#hello', // SOAP action | ||
'rpc', // style | ||
'encoded', // use | ||
'Says hello to the caller | ||
<br/><br/> | ||
Sample Request (Copy and paste into Burp Repeater)<br/> | ||
<br/>POST /mutillidae/webservices/soap/ws-hello-world.php HTTP/1.1 | ||
<br/>Accept-Encoding: gzip,deflate | ||
<br/>Content-Type: text/xml;charset=UTF-8 | ||
<br/>SOAPAction: "urn:hellowsdl#hello" | ||
<br/>Content-Length: 438 | ||
<br/>Host: localhost | ||
<br/>Connection: Keep-Alive | ||
<br/>User-Agent: Apache-HttpClient/4.1.1 (java 1.5) | ||
<br/> | ||
<br/><soapenv:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:urn="urn:hellowsdl"> | ||
<br/> <soapenv:Header/> | ||
<br/> <soapenv:Body> | ||
<br/> <urn:hello soapenv:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"> | ||
<br/> <name xsi:type="xsd:string">Fred</name> | ||
<br/> </urn:hello> | ||
<br/> </soapenv:Body> | ||
<br/></soapenv:Envelope>' // end documentation | ||
<br/><br/> | ||
Sample Request (Copy and paste into Burp Repeater)<br/> | ||
<br/>POST /mutillidae/webservices/soap/ws-hello-world.php HTTP/1.1 | ||
<br/>Accept-Encoding: gzip,deflate | ||
<br/>Content-Type: text/xml;charset=UTF-8 | ||
<br/>SOAPAction: "urn:hellowsdl#hello" | ||
<br/>Content-Length: 438 | ||
<br/>Host: localhost | ||
<br/>Connection: Keep-Alive | ||
<br/>User-Agent: Apache-HttpClient/4.1.1 (java 1.5) | ||
<br/> | ||
<br/><soapenv:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:urn="urn:hellowsdl"> | ||
<br/> <soapenv:Header/> | ||
<br/> <soapenv:Body> | ||
<br/> <urn:hello soapenv:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"> | ||
<br/> <name xsi:type="xsd:string">Fred</name> | ||
<br/> </urn:hello> | ||
<br/> </soapenv:Body> | ||
<br/></soapenv:Envelope>' // end documentation | ||
); | ||
|
||
// Define the method as a PHP function | ||
// Define the "hello" method | ||
function hello($name) { | ||
return 'Hello, ' . $name; | ||
return 'Hello, ' . $name; | ||
} | ||
|
||
// Handle the SOAP request with error handling | ||
try { | ||
// Use the request to (try to) invoke the service | ||
// Process the incoming SOAP request | ||
$server->service(file_get_contents("php://input")); | ||
} catch (Exception $e) { | ||
error_log("SOAP Server Error: " . $e->getMessage()); // Log the error for debugging | ||
// Optionally send a fault response back to the client | ||
$server->fault('Server', "SOAP Server Error: " . $e->getMessage()); | ||
// Send a fault response back to the client | ||
$server->fault('Server', "SOAP Service Error: " . $e->getMessage()); | ||
} | ||
?> |
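Review bot: The rewritten catch block still returns `$e->getMessage()` to the caller in the fault string, so internal error text (library messages, possibly file paths) reaches any client that can trigger an exception. The message is already written with `error_log`, so the fault can be generic: `$server->fault('Server', 'SOAP Service Error');`. Separately, the added `use nusoap_server;` has no effect in a file without a namespace and names a class the script never instantiates (it calls `new soap_server()`), so it should be dropped. The page also flags bidirectional Unicode text in this file, so the long documentation string is worth opening in an editor that shows hidden characters before merging.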