Pentest Book
Web Sockets
WebSockets are a bi-directional, full duplex communications protocol initiated over HTTP. They are commonly used in modern web applications for streaming data and other asynchronous traffic.
WebSocket connections are normally created using client-side JavaScript like the following:
var ws = new WebSocket("wss://normal-website.com/chat");
To establish the connection, the browser and server perform a WebSocket handshake over HTTP. The browser issues a WebSocket handshake request like the following:
GET /chat HTTP/1.1
Host: normal-website.com
Sec-WebSocket-Version: 13
Sec-WebSocket-Key: wDqumtseNBJdhkihL6PW7w==
Connection: keep-alive, Upgrade
Cookie: session=KOsEJNuflw4Rd9BDNrVmvwBF9rEijeE2
Upgrade: websocket
If the server accepts the connection, it returns a WebSocket handshake response like the following:
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 0FFP+2nmNIf/h+4BP36k9uzrYGk=
Several features of the WebSocket handshake messages are worth noting:
• The Connection and Upgrade headers in the request and response indicate that this is a WebSocket handshake.
• The Sec-WebSocket-Version request header specifies the WebSocket protocol version that the client wishes to use. This is typically 13.
• The Sec-WebSocket-Key request header contains a Base64-encoded random value, which should be randomly generated in each handshake request.
• The Sec-WebSocket-Accept response header contains a hash of the value submitted in the Sec-WebSocket-Key request header, concatenated with a specific string defined in the protocol specification. This is done to prevent misleading responses resulting from misconfigured servers or caching proxies.
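The handshake features listed above can be checked mechanically on a captured request/response pair. The following is an added example, not part of the original page: the function names are hypothetical, the GUID is the fixed string from RFC 6455, and the sample pair is constructed from the key and accept values in RFC 6455 section 1.3.

```python
import base64
import hashlib

# GUID fixed by RFC 6455; appended to the client's key before hashing.
WS_GUID = "258EAFA5-E914-47DA-95CA-C5AB0DC85B11"

# Constructed sample pair; key and accept values are the RFC 6455 section 1.3 example.
SAMPLE_REQUEST = (
    "GET /chat HTTP/1.1\r\nHost: example.test\r\nUpgrade: websocket\r\n"
    "Connection: keep-alive, Upgrade\r\nSec-WebSocket-Version: 13\r\n"
    "Sec-WebSocket-Key: dGhlIHNhbXBsZSBub25jZQ==\r\n\r\n"
)
SAMPLE_RESPONSE = (
    "HTTP/1.1 101 Switching Protocols\r\nUpgrade: websocket\r\n"
    "Connection: Upgrade\r\nSec-WebSocket-Accept: s3pPLMBiTxaQ9kYGzzhZRbK+xOo=\r\n\r\n"
)

def parse_message(raw):
    """Split a raw HTTP message into (start_line, {lowercased header: value})."""
    first, *rest = raw.strip().splitlines()
    pairs = (line.partition(":") for line in rest)
    return first, {name.strip().lower(): value.strip() for name, _, value in pairs}

def expected_accept(key):
    """Sec-WebSocket-Accept = Base64(SHA-1(key + GUID))."""
    return base64.b64encode(hashlib.sha1((key + WS_GUID).encode()).digest()).decode()

def check_handshake(raw_request, raw_response):
    """Return the problems found in a handshake pair (empty list means valid)."""
    problems = []
    _, req = parse_message(raw_request)
    status, resp = parse_message(raw_response)
    key = req.get("sec-websocket-key", "")
    try:
        if len(base64.b64decode(key, validate=True)) != 16:
            problems.append("key is not a 16-byte nonce")
    except ValueError:
        problems.append("key is not valid Base64")
    if req.get("sec-websocket-version") != "13":
        problems.append("unexpected protocol version")
    for side, hdrs in (("request", req), ("response", resp)):
        tokens = [t.strip().lower() for t in hdrs.get("connection", "").split(",")]
        if hdrs.get("upgrade", "").lower() != "websocket" or "upgrade" not in tokens:
            problems.append(side + " is missing the Upgrade/Connection headers")
    if status.split()[1:2] != ["101"]:
        problems.append("status is not 101 Switching Protocols")
    if resp.get("sec-websocket-accept") != expected_accept(key):
        problems.append("Sec-WebSocket-Accept does not match the key")
    return problems
```

An Accept value that does not match the key is the case the last bullet describes: the response did not come from a server that processed this particular handshake, for example a cached or misrouted reply.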
# Tool
https://github.com/PalindromeLabs/STEWS