Releases: CompassSecurity/SAMLRaider
Releases · CompassSecurity/SAMLRaider
Release 1.3.0
First release in 2021 which contains new features:
- XSW match/replace function for faster XSW attacks
- XSW9 Attack (SimpleSAMLphp Nov2019 Auth Bypass)
- Buttons to directly apply XXE and XSLT attack (note: XXE does still not work correctly, see #22)
- Use Burp Suite text editor (introduces search functionality again)
- Parameter names of the SAML request and responses can now be configured in the certificate tab
Bug fixes:
- Bug fix in XSW1 and XSW2
Thanks a lot @simioni87 for your awesome contribution (#49)!
Happy SAML hacking 🤘
Release v1.2.5
I forgot to include the updates from the PortSwigger repository. This fixed that the extension works with OpenJDK 11
Release v1.2.4
Release v1.2.3
This is a bugfix release.
This release fixes the following issues:
Note:
- Because the RSyntaxTextArea was replaced with a normal Java Swing JTextArea, no syntax highlighting or text search is available anymore.
Enjoy your SAML testing 🤘
Release 1.2.2
@pajswigger from PortSwigger fixed a Java version incompatibility issue with OpenJDK 11, that is shipped in the bundled Burp version.
The plugin now works in Java 11.
This fixes the following issues:
Thanks @PortSwigger and @pajswigger!
Release 1.2.1
We got a pull-request (#13) with the following changes:
- Bugfix: The XSW diagram had some incorrect graphics. They are now fixed
- Fixed/improved some unit-tests.
A big thank to @thariyarox!
Release 1.2.0
- New feature: Support for SAMLRequest messages (Issue #11)
Release 1.1.1
New Features
- New Profile: Web Services Security: SAML Token Profile
- Now it's possible to manipulate SAML Assertions, which are transmitted in a WS-Security SAML Token Profile.
New Bug
- HTTP Content-Type:
multipart/form-data
- There is a bug in the Burp API when using our extension with the HTTP Content-Type:
multipart/form-data
. The edited parameter gets inserted to the message but the old original parameter is not being removed. Therefore two parameters with the same name are in the forwarded message.
We reported the bug to PortSwigger (https://support.portswigger.net/customer/portal/questions/14348527-parameter-of-http-post-with-content-type-multipart-form-data-could-not-be-updated). We will close the Issue #5 when the Burp API is fixed.
- There is a bug in the Burp API when using our extension with the HTTP Content-Type:
Security Fix
- Fixed XXE (CWE-611)
- If someone had installed the extension and intercepted, viewed in HTTP History or used in the Repeater a XML message with XXE in it, the entities were resolved. Every XML message got first parsed to determine if it is a SAMLMessage and if the SAML Raider tab had to be displayed. This issue is now fixed by disabling loading external dtd and disabling external entities.
Release 1.0.1 - Bugfixes
Two bugfixes for Issue #1
- Linebreaks are now not removed from an edited message
- Namespace definition in tags e.g. xmlns:saml="..." are retained in every situation
Release 1.0.0
This is our first release.