Portswigger - WebSockets - Lab #2 Cross site WebSocket hijacking

Hello Hackers, in this video on Cross-site WebSocket hijacking you will see how to discover and exploit the WebSocket handshake and intercept the messages in Burp Suite, in a lab from the Web Security Academy powered by PortSwigger.

⚠️ Subscribe to my channel ➡️ @popo_hack ⚠️

0:00 - About the Lab
0:36 - Testing Live Chat
2:13 - Exploit XSS attack
4:15 - Method 1: Use Intercept to manipulate the message
5:15 - Method 2: Use Repeater to manipulate the message

🔍 About the Lab
Lab: Cross-site WebSocket hijacking
Level: Practitioner
This online shop has a live chat feature implemented using WebSockets.
To solve the lab, use the exploit server to host an HTML/JavaScript payload that uses a cross-site WebSocket hijacking attack to exfiltrate the victim's chat history, then use this to gain access to their account.

✅ What to do?
1. Click "Live chat" and send a chat message.

2. Reload the page.

3. In Burp Proxy, in the WebSockets history tab, observe that the "READY" command retrieves past chat messages from the server.

4. In Burp Proxy, in the HTTP history tab, find the WebSocket handshake request. Observe that the request has no CSRF tokens.

5. Right-click on the handshake request and select "Copy URL".

6. In the browser, go to the exploit server and paste the following template into the "Body" section: See the video about the CSRF code

8. Click "View exploit".

9. Poll for interactions in the Collaborator tab. Verify that the attack has successfully retrieved your chat history and exfiltrated it via Burp Collaborator. For every message in the chat, Burp Collaborator has received an HTTP request. The request body contains the full contents of the chat message in JSON format. Note that these messages may not be received in the correct order.

10. Go back to the exploit server and deliver the exploit to the victim.

11. Poll for interactions in the Collaborator tab again. Observe that you've received more HTTP interactions containing the victim's chat history. Examine the messages and notice that one of them contains the victim's username and password.

12. Use the exfiltrated credentials to log in to the victim user's account.
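The root cause seen in step 4 is that the handshake is accepted on the strength of the session cookie alone, which the browser attaches to a request from any origin. As an added example (not the lab's or PortSwigger's code), here is the server-side handshake check that closes that hole: exact-match Origin validation plus a per-session CSRF token in the handshake URL; ALLOWED_ORIGINS, the header-dict shape and the sample token and paths are assumptions.

```python
"""Server-side validation of a WebSocket handshake against cross-site hijacking."""
from urllib.parse import urlsplit, parse_qs
import hmac

# Assumption: the shop is served from this single origin (scheme + host [+ port]).
ALLOWED_ORIGINS = {"https://shop.example"}


def origin_allowed(origin, allowed=ALLOWED_ORIGINS):
    """Exact-match the Origin header. A prefix/substring check would accept
    https://shop.example.attacker.net, so the whole origin is compared."""
    if not origin:
        return False  # missing or "null" Origin: treat as cross-site
    parts = urlsplit(origin)
    if parts.scheme not in ("http", "https") or not parts.netloc or parts.path not in ("", "/"):
        return False
    return f"{parts.scheme}://{parts.netloc}" in allowed


def token_valid(request_target, session_token):
    """The handshake URL must carry the CSRF token bound to this session cookie;
    a cross-site page cannot read that token, so it cannot forge the handshake."""
    sent = parse_qs(urlsplit(request_target).query).get("csrf", [""])[0]
    return bool(sent) and hmac.compare_digest(sent, session_token)


def validate_handshake(headers, request_target, session_token):
    """Return (accepted, reason). `headers` maps lower-cased header names to values."""
    if headers.get("upgrade", "").lower() != "websocket":
        return False, "not a websocket upgrade"
    if not origin_allowed(headers.get("origin")):
        return False, "cross-site origin"
    if not token_valid(request_target, session_token):
        return False, "missing or wrong csrf token"
    return True, "ok"


# Constructed samples: a lab-style handshake opened from an exploit page (cookie only,
# no token) next to a hardened one from the shop's own origin with the session token.
SESSION_TOKEN = "constructed-session-token-123"  # assumption: stored server-side per session
LAB_STYLE = ({"upgrade": "websocket", "origin": "https://exploit.attacker.net",
              "cookie": "session=abc"}, "/chat")
HARDENED = ({"upgrade": "websocket", "origin": "https://shop.example",
             "cookie": "session=abc"}, "/chat?csrf=" + SESSION_TOKEN)

if __name__ == "__main__":
    print("lab-style handshake:", validate_handshake(*LAB_STYLE, SESSION_TOKEN))
    print("hardened handshake: ", validate_handshake(*HARDENED, SESSION_TOKEN))
```

Both checks are needed: Origin alone fails for non-browser clients that omit it, and the token alone is only as strong as its binding to the session.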

Thank you for watching my video. If you have any questions or topic recommendations, feel free to write them in the comments below 🙋

#WebSecurityAcademy #portswigger #websocket #vulnerability
Comments

Hello my new friends, don't forget to follow me on my channel to keep up to date about everything you need to know to exploit vulnerabilities 👉bit.ly/3TplFRN 👈

popo_hack

Nice explanation, thank you for this!

brandonevans