Erlik – Vulnerable Soap Service
Tested – Kali 2022.1
## Description
Erlik is a deliberately vulnerable SOAP web service. It is a lab environment created for people who want to improve their skills in web penetration testing.
## Features
It contains the following vulnerabilities.
* LFI
* SQL Injection
* Information Disclosure
* Command Injection
* Brute Force
* Deserialization
## Installation
```
git clone
cd Vulnerable-Soap-Service
sudo pip3 install -r requirements.txt
```
## Usage
```
sudo python3 vulnerable_soap.py
```
![Erlik – Vulnerable Soap Service (5)](https://blogger.googleusercontent.com/img/a/AVvXsEgyUO5_ung-EYlgmf8WqrpIs0PC7UemYh0hQSxApmF3tevnmNyAsZHo_4cgYukdmuOs8IpnNe5e0LcBXsA5KSXqfIjyNX0DeKo2TJBYXiFkU-cE3E55cphgFWryCyld-cxIurHe4WNo3FmU9CNDTJuppKFgVcYttX-7MfsrJ2hX984WPlixSgQPYqFhJw=w640-h76)
## Exploiting Vulnerabilities
### LFI
Code:
![Erlik – Vulnerable Soap Service (7)](https://blogger.googleusercontent.com/img/a/AVvXsEgKL8hCFisc1ZwbNcAbD5Y9wboODPcldw2TT0iyBf43Az7C6JXEwmzmHq_fVhb-hzytN09w5rLm5ckpOLXSnsaS1V4QEnVWe0tjMu85CE-z41UryG6BVz8Vtk-4UjVATijW0N1gKCYkF6TQVwxt4hWuV8Mn_q0EBI_OuRcTKMGFH68pgw1Nv0E1NkLZZw=w474-h640)
### SQL Injection
Code:
![Erlik – Vulnerable Soap Service (9)](https://blogger.googleusercontent.com/img/a/AVvXsEgJyVALIqobBePJ7AF6fxOgL7yeZOyJL8kZ-iqIitRH1Z8gfvWaScphMwWMiGXzoUf5_diBAv4jCVxUNfsIpy17goIRR-tZbKbjHjdYefVVoum9KEgk9lZua3Sor3QFDprpajX2IZOmQa1mzxGdwVF6NHcZ4Nw3sBIedOB8px5xslG-zzgRt38piMRGXw=w640-h364)
### Information Disclosure
Code:
![Erlik – Vulnerable Soap Service (11)](https://blogger.googleusercontent.com/img/a/AVvXsEh-YShSqrr06u7v2t5HH8d3RRto9WLeMsa_rvpJF_Yqo3qyrPSJCXijD7Khg08p3j-i60nMawalzqPa7R23n7KadSh2BDHT39lX4EEWlWqjSQ4GzWVJGKlY85fyu3Cwq0aWG_D6mglHFbs_31dHh3PxQpw8yzR2n9StGeMS-SDoS2HqmOYHZfmm3sL6fA=w640-h512)
Code:
![Erlik – Vulnerable Soap Service (13)](https://blogger.googleusercontent.com/img/a/AVvXsEjSjRw97e5KoDjCF-rpKxVrKmpP4opcfgJBCEtD_m-pWUQ1bzmrP8pRnZVbQFV2uFVRMT6k7eEmc8iub8m0tElVM_9MdGxAQ0_iR41KtmZw417OoGo1nYIRptyPRNwhsJ-x3u-se5rx5k8SCxAYjPHE2-I30AQe1eDXVMzXbAEQseCU_3LWgtRmLsztQg=w490-h640)
### Command Injection
Code:
![Erlik – Vulnerable Soap Service (15)](https://blogger.googleusercontent.com/img/a/AVvXsEhSP3zmLmVx_CZKlnIhkKhCVMx4QZsjH5faXJeTRNvl75ku2N2-8KIeDCTQhkvTODX9l58__ebyCbYq5CUlLEyGlgFAWH1YD4qEZmemeor0vfLJN23IMx4Dz5i77b19XfeS9nH-ybVQ1heJztyFMbumdIavkQIVUsxxTkDzIKpQhcOH7MpzFxx6Aq45rg=w640-h360)
### Brute Force
Code:
![Erlik – Vulnerable Soap Service (17)](https://blogger.googleusercontent.com/img/a/AVvXsEj92OEMWRoNNqAq2to6WPSrkVlZ8JHaARKxi0cCh2ug7wKU-g0zRWvOjrV0xxOPjlo0j1Zb98D0QbU8aq2ZlxznLdg4MmFsmdGM1Hi0ewA6Ji6kAFSTbJwWqVry1P1Xpo4PEK44N1Uyxetz1qsD255_jlfshZccz71zlJQ6OlD9as3f2kQ6SMlZUq2O-w=w540-h640)
### Deserialization
Code:
![Erlik – Vulnerable Soap Service (20)](https://blogger.googleusercontent.com/img/a/AVvXsEjvlghHB3f4eyknZfHEtdzoFfZa866Yh_juVFuBrGX4W7oKAftXb_BpCHtCHgJT2kMX-VXgjrZ-eBGVZsadZ0t2sz1IZpti40u1BsYBioHSIJA30UnMJWAEOLPoHRpkv3AnAkz3DNcjD73xlXYSyv1T2IF3YBC1c1m6WCQF0qEQPvpspRMINEFP4F31vQ=w640-h378)