Using ServiceCapture, Ethereal, Charles or some SOAP sniffer software to inspect the XML sent on wire.
Here is XML snippet in the SOAP header.
<wsse:usernametoken wsu:id=”….” xmlns:wsu=”….”>
<wsse:username>xxxxxx</wsse:username>
<wsse:password type=”….”>
fCQCp/A9wFD/Gku0L+yF/u+0leg=
</wsse:password>
<wsse:nonce>eSM7S/iT0KyA39vuWPQcPQ==</wsse:nonce>
<wsu:created>1975-12-01T05:28:36Z</wsu:created>
</wsse:usernametoken>
[STAThread]
static void Main()
{
List<string> wordList = new List<string>();
//Load your word list here [...]
Continue reading about WSE UsernameToken Password SendHashed - Crack
SELECT
‘nameValue’ AS “@name”,
CAST(’<!– your comment –>’ AS XML),
‘anotherValue’ AS “another”,
(SELECT ‘i’ AS “@name”, ‘1′ AS “@value” FOR XML PATH(’item’), TYPE),
(SELECT ‘j’ AS “@name”, ‘2′ AS “@value” FOR XML PATH(’item’), TYPE)
FOR XML PATH(’sample’), ROOT(’root’)
output
<root>
<sample name=”nameValue”>
[...]
Continue reading about SQL 2005 generates XML comment, array of elements