Writing a web services fuzzer in 5 minutes to SQL injection
From tssci
"This week, I was doing an internal penetration test for a client of a web service, which is used by applications loaded on kiosk machines around the country. I didn’t have much time to do the test, so I had a couple advantages, like having network access to the service, the WSDL and also ability to interact with the developers. This also gave me a chance to see how capable our web application firewall was at being able to detect attacks.
I had some trouble with WSFuzzer, and kept getting “XML Fault” errors like the one below:
There was an anomaly encountered in interfacing with the provided target. The neuroFuzz team is aware of these situational conditions and we are looking into the root cause(s) …
If you would like to help with this type of research send the following data along with some details about the target service to [email protected]
Response: XML Fault
Ok, no big deal — I’ll just write my own! I loaded up soapUI and put in the WSDL address, and soapUI was able to generate the XML requests according to the WSDL. soapUI automatically puts a question mark placeholder into the input areas, so I then saved these as individual XML files — one for each service method."
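The templating step described in the quoted post, as an added example that is not code from the original post or from tssci: it locates each `?` placeholder that soapUI leaves in a saved request and builds one well-formed request per input field. The service namespace, the method and field names, and the test value are constructed for illustration.

```python
import copy
import xml.etree.ElementTree as ET

# Constructed sample in the shape of a soapUI-generated request.
# The namespace, method and field names are hypothetical.
TEMPLATE = """<soapenv:Envelope
    xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
    xmlns:svc="http://example.test/kiosk">
  <soapenv:Header/>
  <soapenv:Body>
    <svc:GetOrder>
      <svc:kioskId>?</svc:kioskId>
      <svc:orderRef>?</svc:orderRef>
    </svc:GetOrder>
  </soapenv:Body>
</soapenv:Envelope>"""

PLACEHOLDER = "?"


def local(tag):
    """Strip the '{namespace}' prefix ElementTree puts on tag names."""
    return tag.rsplit("}", 1)[-1]


def placeholder_fields(root):
    """Leaf elements whose text is the '?' placeholder, in document order."""
    return [el for el in root.iter()
            if len(el) == 0 and (el.text or "").strip() == PLACEHOLDER]


def build_cases(template_xml, test_value, default="1"):
    """Return [(field_name, request_xml)], one request per input field.

    In each request exactly one field carries test_value and the others
    carry a neutral default, so a fault can be attributed to one input.
    Assigning through the parser (not str.replace) keeps the request
    well-formed when the value contains &, < or quotes.
    """
    root = ET.fromstring(template_xml)
    cases = []
    for i, field in enumerate(placeholder_fields(root)):
        doc = copy.deepcopy(root)
        for j, el in enumerate(placeholder_fields(doc)):
            el.text = test_value if i == j else default
        cases.append((local(field.tag), ET.tostring(doc, encoding="unicode")))
    return cases


if __name__ == "__main__":
    for name, xml in build_cases(TEMPLATE, "O'Brien & <Co>"):
        print(name, len(xml), "bytes")
```

ElementTree rewrites the namespace prefixes on output (`ns0`, `ns1`); the namespace URIs and element names are unchanged.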
This is great stuff.. we should work to make web services more secure!
Posted by: prem ypi | Jun 25, 2009 3:19:56 AM