AttackFlow Findings Dictionary


WCF Unsafe Metadata Publishing

Detailed metadata about an application's endpoints may allow attackers to deduce internal details of the application, which they can leverage in further attacks.





Publishing metadata allows clients to retrieve the service description using a WS-Transfer GET request or an HTTP(S)/GET request, with or without the ?wsdl query string, such as below;

or just,

Here's an insecure WCF service metadata directive:

<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />

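The same effect in code:

// Requires: using System.ServiceModel.Description;
var smb = svcHost.Description.Behaviors.Find<ServiceMetadataBehavior>();
if (smb == null)
{
    smb = new ServiceMetadataBehavior();
    svcHost.Description.Behaviors.Add(smb); // register the new behavior on the host
}
smb.HttpGetEnabled = true; // insecure: publishes metadata over HTTP GET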
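
An added example, not part of the original page and not AttackFlow's own check: a small Python audit that flags the serviceMetadata settings shown above in a WCF configuration file. It goes slightly beyond the page by also flagging an IMetadataExchange (mex) endpoint, which is what answers WS-Transfer GET requests; the sample configuration, the service name and the function name are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample configuration (not taken from any real service).
MEX = '<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />'
WEAK_CONFIG = f"""<configuration>
  <system.serviceModel>
    <services>
      <service name="Demo.OrderService" behaviorConfiguration="pub">
        {MEX}
      </service>
    </services>
    <behaviors>
      <serviceBehaviors>
        <behavior name="pub">
          <serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
        </behavior>
      </serviceBehaviors>
    </behaviors>
  </system.serviceModel>
</configuration>"""

# Corrected form: both GET switches off and the mex endpoint removed.
HARDENED_CONFIG = WEAK_CONFIG.replace('="true"', '="false"').replace(MEX, "")


def find_metadata_exposure(config_xml):
    """Return (kind, owner) findings for metadata publishing in a WCF config."""
    root = ET.fromstring(config_xml)
    findings = []
    for behavior in root.iter("behavior"):
        for sm in behavior.iter("serviceMetadata"):
            for attr in ("httpGetEnabled", "httpsGetEnabled"):
                # Both attributes default to false when absent; compare
                # case-insensitively so "True" is caught as well.
                if sm.get(attr, "false").strip().lower() == "true":
                    findings.append((attr, behavior.get("name", "(unnamed)")))
    for service in root.iter("service"):
        for ep in service.iter("endpoint"):
            # An IMetadataExchange endpoint serves metadata over WS-Transfer GET.
            if ep.get("contract", "").strip() == "IMetadataExchange":
                findings.append(("mexEndpoint", service.get("name", "(unnamed)")))
    return findings


if __name__ == "__main__":
    for kind, owner in find_metadata_exposure(WEAK_CONFIG):
        print(f"metadata publishing enabled: {kind} on {owner}")
```

Run it over the deployed web.config or app.config of each service; an empty result means none of the three publishing paths is enabled in configuration, though metadata enabled in code, as in the C# snippet above, is not visible to this check.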
