Pentest Book
Web Sockets
WebSockets are a bi-directional, full duplex communications protocol initiated over HTTP. They are commonly used in modern web applications for streaming data and other asynchronous traffic.

WebSocket connections are normally created using client-side JavaScript like the following:
var ws = new WebSocket("wss://normal-website.com/chat");

To establish the connection, the browser and server perform a WebSocket handshake over HTTP. The browser issues a WebSocket handshake request like the following:
GET /chat HTTP/1.1
Host: normal-website.com
Sec-WebSocket-Version: 13
Sec-WebSocket-Key: wDqumtseNBJdhkihL6PW7w==
Connection: keep-alive, Upgrade
Cookie: session=KOsEJNuflw4Rd9BDNrVmvwBF9rEijeE2
Upgrade: websocket

If the server accepts the connection, it returns a WebSocket handshake response like the following:
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 0FFP+2nmNIf/h+4BP36k9uzrYGk=

Several features of the WebSocket handshake messages are worth noting:
• The Connection and Upgrade headers in the request and response indicate that this is a WebSocket handshake.
• The Sec-WebSocket-Version request header specifies the WebSocket protocol version that the client wishes to use. This is typically 13.
• The Sec-WebSocket-Key request header contains a Base64-encoded random value, which should be randomly generated in each handshake request.
• The Sec-WebSocket-Accept response header contains a hash of the value submitted in the Sec-WebSocket-Key request header, concatenated with a specific string defined in the protocol specification. This is done to prevent misleading responses resulting from misconfigured servers or caching proxies.
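
An added example (not part of the original page): a Node.js check of the handshake features listed above, recomputing Sec-WebSocket-Accept as Base64(SHA-1(key + GUID)) with the fixed GUID from RFC 6455. The function names and sample messages are constructed for illustration, and the sample key/accept pair is the one from RFC 6455 rather than the values shown above.

```javascript
const nodeCrypto = require("crypto");

// Fixed GUID from RFC 6455, appended to the client's key before hashing.
const WS_GUID = "258EAFA5-E914-47DA-95CA-C5AB0DC85B11";

// Sec-WebSocket-Accept = Base64(SHA-1(Sec-WebSocket-Key + GUID)).
function computeAccept(key) {
  return nodeCrypto.createHash("sha1").update(key.trim() + WS_GUID).digest("base64");
}

// Parse a raw HTTP message into its start line and lower-cased header names.
function parseHttp(raw) {
  const [startLine, ...lines] = raw.trim().split(/\r?\n/);
  const headers = {};
  for (const line of lines) {
    const i = line.indexOf(":");
    if (i > 0) headers[line.slice(0, i).trim().toLowerCase()] = line.slice(i + 1).trim();
  }
  return { startLine, headers };
}

// True when a comma-separated header value contains the token (case-insensitive).
const hasToken = (value, token) =>
  (value || "").split(",").some((t) => t.trim().toLowerCase() === token);

// Return a list of problems; an empty list means the handshake is well formed.
function checkHandshake(rawRequest, rawResponse) {
  const req = parseHttp(rawRequest), res = parseHttp(rawResponse);
  const problems = [];
  const key = req.headers["sec-websocket-key"] || "";
  if (!hasToken(req.headers["connection"], "upgrade")) problems.push("request: Connection lacks Upgrade");
  if (!hasToken(req.headers["upgrade"], "websocket")) problems.push("request: Upgrade is not websocket");
  if (req.headers["sec-websocket-version"] !== "13") problems.push("request: version is not 13");
  if (Buffer.from(key, "base64").length !== 16) problems.push("request: key is not 16 bytes");
  if (!/^HTTP\/1\.1 101\b/.test(res.startLine)) problems.push("response: status is not 101");
  if (!hasToken(res.headers["connection"], "upgrade")) problems.push("response: Connection lacks Upgrade");
  if (!hasToken(res.headers["upgrade"], "websocket")) problems.push("response: Upgrade is not websocket");
  if (res.headers["sec-websocket-accept"] !== computeAccept(key)) problems.push("response: Sec-WebSocket-Accept mismatch");
  return problems;
}

// Constructed sample messages using the key/accept pair from RFC 6455.
const sampleRequest = "GET /chat HTTP/1.1\r\nHost: server.example.com\r\nUpgrade: websocket\r\n" +
  "Connection: keep-alive, Upgrade\r\nSec-WebSocket-Key: dGhlIHNhbXBsZSBub25jZQ==\r\nSec-WebSocket-Version: 13\r\n\r\n";
const sampleResponse = "HTTP/1.1 101 Switching Protocols\r\nUpgrade: websocket\r\n" +
  "Connection: Upgrade\r\nSec-WebSocket-Accept: s3pPLMBiTxaQ9kYGzzhZRbK+xOo=\r\n\r\n";

console.log(checkHandshake(sampleRequest, sampleResponse)); // []
```

A response replayed from a cache or produced by a server that does not speak WebSocket fails the Sec-WebSocket-Accept comparison, because the accept value is bound to the key of that one request.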