Task 19, Day 13 WebSockets It came without buffering! It came without lag!
WebSockets let your browser and the server keep a contanst line of communication open. Great for things like live chat apps, real-time games, and live data feeds. Since there is no need for extra requests once the line is opened, there’s less overhead and faster communications.
WebSocket Vulnerabilities
Since WebSockets stay open and active, they can be taken advantage of if proper security measures aren’t in place. Common vulnerabilities to be aware of:
Weak Authentication and Authorisation: WebSockets don’t have built-in ways to handle user auth or session validation like HTTP does. If controls aren’t setup properly, attackers can slip in and get access to what they shouldn’t have.
Message Tampering: Since there is a constant flow of data and attacker could intercept and change messages if there’s no encryption. This could allow harmful command injection, performing actions they shouldn’t, or corrupting the sent data.
Cross-Site WebSocket Hijacking (CSWSH): Attacker tricks a user’s browser into oppening a WebSocket connection to another site. If successful, the attack could use that connection to access data meant for the legitimate server.
Denial of Service: When targeted for a DoS attack, the server could be flooded with a ton of meassages, potentially slowing it down or even crashing it.
WebSocket Message Manipulation
When an attacker intercepts and changes the messages sent between browser and server. if for a transaction, they could bypass security checks, send unauthorized requests, or alter important data like usernames, payment amounts, or access levels, possibly rerouting payments to a different account. Since the WebSockets connection is open in reaal-time, all changes are immediate. Messages could also be changes to grant admin rights or insert malicious commands to take over the server.
Since WebSockets don’t have the same security protections as traditional HTTP connections, devs need to add vigorous checks like message validation or encryption. The impact of changin messages depends on how the app uses the data and what kind of data it is. Four possible outcomes include:
Doing Things Without Permission: It’s possible to impersonate another user and carry out unauthorized actions, like making purchases, transferring funds, or changing account settings.
Gaining Extra Privileges: Manipulate messages to appear to have mor privileges than they actually do. Could access admin controls, change user data, view sensitive info, or mess with system settings.
Messing Up Data: Possible to feed bad data into system.
Crashing the System: Spam the server with bad requests, causing it to slow or crash. System could go offline causing serious downtime.
Exploitation (The Task)
Turn on FoxyProxy and open Burp Suite to Proxy > Intercept > Proxy settings > WebSocket interception rules. In this instance, enable intercepting both directions. Use the intercept to track different cars and inject messages for other people.