Merge pull request #646 from anoduck/patch-1
Update cross-site-websocket-hijacking-cswsh.md
This commit is contained in:
commit
8c3ad1340e
@ -78,8 +78,8 @@ websocat -s 0.0.0.0:8000 #Listen in port 8000
|
||||
|
||||
## MitM websocket connections
|
||||
|
||||
If you find that clients are connection to a **HTTP websocket** from your current local network you could try an [ARP Spoofing Attack ](../generic-methodologies-and-resources/pentesting-network/#arp-spoofing)to perform a MitM attack between the client and the server.\
|
||||
Once the client is trying to connect to you you can use:
|
||||
If you find that clients are connected to a **HTTP websocket** from your current local network you could try an [ARP Spoofing Attack ](../generic-methodologies-and-resources/pentesting-network/#arp-spoofing)to perform a MitM attack between the client and the server.\
|
||||
Once the client is trying to connect to you can then use:
|
||||
|
||||
```bash
|
||||
websocat -E --insecure --text ws-listen:0.0.0.0:8000 wss://10.10.10.10:8000 -v
|
||||
|
Loading…
Reference in New Issue
Block a user