Open
Description
It would be great to give sqlmap a WSDL file or WSDL url, it parses it and start assessing each tag method for SQL injections. Example: http://demo.testfire.net/bank/ws.asmx?WSDL.
Support for SOAP parsing/injection has been already implemented, see http://bernardodamele.blogspot.com/2010/06/sqlmap-and-soap-based-web-services.html. Need to extend it to forge different "URLs" for each method of the parsed WSDL.