coelner/hacktricks
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update cross-site-websocket-hijacking-cswsh.md

Browse Source 
Corrected typos on line 81 and 82
This commit is contained in:
Anoduck 2023-05-20 09:28:25 +00:00 committed by GitHub
parent d30ce4e500
commit 2ab2af5bcb
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
pentesting-web/cross-site-websocket-hijacking-cswsh.md
View File

@ -78,8 +78,8 @@ websocat -s 0.0.0.0:8000 #Listen in port 8000
## MitM websocket connections
If you find that clients are connection to a **HTTP websocket** from your current local network you could try an [ARP Spoofing Attack ](../generic-methodologies-and-resources/pentesting-network/#arp-spoofing)to perform a MitM attack between the client and the server.\
Once the client is trying to connect to you you can use:
If you find that clients are connected to a **HTTP websocket** from your current local network you could try an [ARP Spoofing Attack ](../generic-methodologies-and-resources/pentesting-network/#arp-spoofing)to perform a MitM attack between the client and the server.\
Once the client is trying to connect to you can then use:
```bash
websocat -E --insecure --text ws-listen:0.0.0.0:8000 wss://10.10.10.10:8000 -v