soapwn-wsdl-rce
OfficialExploit .NET SOAP WSDL flaws for RCE access.
Authordreadnode
Version1.0.0
Installs0
System Documentation
What problem does it solve?
This Skill addresses the risk of undetected remote code execution in .NET applications that consume external SOAP services via WSDL import, where a silent type cast failure during deserialization allows attackers to write arbitrary executable files (like .aspx webshells) to the server via user-influenced WSDL URLs.
Core Features & Use Cases
- Endpoint Detection: Probes common SOAP/WCF/ASMX endpoints and validates .NET server response headers to confirm target viability.
- Exploit Parameter Validation: Tests for user-influenced WSDL URL parameters via JSON APIs and SOAP import headers, using out-of-band callbacks to confirm server-side fetching behavior.
- Payload Deployment & Fallbacks: Crafts malicious WSDL payloads to trigger file writes, verifies webshell accessibility, and provides alternative path suggestions and chaining options for blocked execution scenarios.
- Use Case: Red teamers assessing .NET applications that integrate third-party SOAP services can use this Skill to automate exploitation of the WSDL proxy deserialization flaw to gain initial access without triggering standard security alerts.
Quick Start
Use the soapwn-wsdl-rce skill to exploit a user-influenced WSDL URL parameter on a target .NET SOAP endpoint to deploy a functional webshell and gain remote code execution.
Dependency Matrix
Required Modules
None requiredComponents
Standard package💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: soapwn-wsdl-rce Download link: https://github.com/dreadnode/capabilities/archive/main.zip#soapwn-wsdl-rce Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 536,000+ vetted skills library on demand.