Lesson Plan Title: How to Perform Web Service SQL Injection

Concept / Topic To Teach:

Web Services communicate through the use of SOAP requests. These requests are submitted to a web service in an attempt to execute a function listed in the web service definition language (WSDL).

General Goal(s):

Check the web service description language (WSDL) and try to obtain multiple customers credit card numbers. You will not see the results returned to this screen. When you believe you have succeeded, refresh the page and look for the 'green star'