XML Signature Wrapping

XML Signature Wrapping (XSW) is an attack against XML digital signatures in which the attacker rearranges the document structure so that signature validation still passes on the originally signed content while the application processes different, unsigned content.

How It Works

XML signatures reference the elements they cover by ID. If an application validates the signature on one element but processes a different element (one carrying the same ID, or simply the element found at an expected location), an attacker can inject content that was never signed.

Attack Variants

XSW #1: Cloning signed element

<Response>
  <Signature>
    <Reference URI="#original"/>  <!-- Validates this -->
  </Signature>

  <Assertion ID="original">
    <Subject>admin@example.com</Subject>  <!-- MALICIOUS -->
  </Assertion>

  <Assertion ID="original">  <!-- Original moved here -->
    <Subject>user@example.com</Subject>
  </Assertion>
</Response>

XSW #2: Wrapping in new element

<Response>
  <MaliciousAssertion>
    <Subject>admin@example.com</Subject>
  </MaliciousAssertion>

  <OriginalWrapper>
    <Signature>...</Signature>
    <Assertion ID="legit">
      <Subject>user@example.com</Subject>
    </Assertion>
  </OriginalWrapper>
</Response>

Why It Works

  • Signature validation locates the signed element via an XPath or ID reference
  • Application logic selects the element to process by a different method
  • Without schema/DTD validation, parsers accept multiple elements with the same ID
  • Libraries may not enforce a strict document structure

Prevention

  • Ensure the element that was signed is exactly the element that is processed
  • Reject documents containing duplicate IDs
  • Use strict schema validation
  • Verify the assertion is a direct child of the signed response
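As an added example (not part of the original page), the following Python applies the prevention checks above to documents modelled on the XSW #1 and XSW #2 examples: it resolves the Reference URI to a single ID, rejects duplicate IDs, requires the signed Assertion to be a direct child of Response, and processes only that element. The function names select_signed_assertion and rejects and the simplified Signature stand-ins are assumptions made for the example; cryptographic verification of the Signature is left to a separate step on the element this code returns.

```python
import xml.etree.ElementTree as ET

# Constructed samples modelled on the page's XSW #1 and XSW #2 documents; the
# Signature contents are stand-ins for full ds:Signature elements.
LEGIT = """<Response>
  <Signature><Reference URI="#legit"/></Signature>
  <Assertion ID="legit"><Subject>user@example.com</Subject></Assertion>
</Response>"""
XSW1 = """<Response>
  <Signature><Reference URI="#original"/></Signature>
  <Assertion ID="original"><Subject>admin@example.com</Subject></Assertion>
  <Assertion ID="original"><Subject>user@example.com</Subject></Assertion>
</Response>"""
XSW2 = """<Response>
  <MaliciousAssertion><Subject>admin@example.com</Subject></MaliciousAssertion>
  <OriginalWrapper>
    <Signature><Reference URI="#legit"/></Signature>
    <Assertion ID="legit"><Subject>user@example.com</Subject></Assertion>
  </OriginalWrapper>
</Response>"""

def select_signed_assertion(xml_text):
    """Return the Subject of the single Assertion that is signed and sits where the
    schema expects it; raise ValueError otherwise (crypto check happens separately)."""
    root = ET.fromstring(xml_text)
    if root.tag != "Response":
        raise ValueError("unexpected root element")
    # 1. Signature must sit directly under Response with one same-document Reference.
    refs = root.findall("./Signature/Reference")
    if len(refs) != 1 or not refs[0].get("URI", "").startswith("#"):
        raise ValueError("Signature/Reference not in the expected place")
    signed_id = refs[0].get("URI")[1:]
    # 2. Duplicate IDs make the Reference ambiguous (XSW #1): reject outright.
    ids = [e.get("ID") for e in root.iter() if e.get("ID") is not None]
    if len(ids) != len(set(ids)):
        raise ValueError("duplicate ID attributes")
    # 3. The signed element must be the only Assertion and a direct child of Response (XSW #2).
    assertions = root.findall("./Assertion")
    signed = [a for a in assertions if a.get("ID") == signed_id]
    if len(signed) != 1 or len(assertions) != 1:
        raise ValueError("signed Assertion missing, misplaced, or accompanied by others")
    # 4. Process exactly the element the signature covers, nothing selected another way.
    return signed[0].findtext("Subject")

def rejects(xml_text):
    try:
        select_signed_assertion(xml_text)
        return False
    except ValueError:
        return True
```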

PentesterLab Exercises
