Can a Tomcat application sitting behind a reverse proxy be exploited?

I am trying to exploit a vulnerability in Tomcat based on CVE-2020-13935.
I found online this interesting PoC: https://blog.redteam-pentesting.de/2020/websocket-vulnerability-tomcat/
In my case, the Tomcat server is exposed through a revers…

Is it secure to send JWT tokens in URL query parameters if we use a nonce to make it a one-time token?

WebSockets don't support sending auth tokens during the WebSocket handshake as part of HTTP headers, rather only via query parameters. This has a security risk of leaking these tokens in server logs. However, if we create these JWT tokens with…

Cache poisoning from RFC 6455 (WebSockets) not requiring server messages to be masked?

In RFC 6455 section 10.3, it explains why they have made clients mask their outgoing frames (so that a malicious server cannot manipulate a client into sending something in plaintext, as the message could be an HTTP request which could be us…

Why is the browser not sending cookies with cross-domain WebSocket handshake request?

If I have understood Cross-Site WebSocket Hijacking (CSWSH) attack correctly [1][2][3][4], the attack relies on two things (examples are from the first reference):

the browser sending the cookies set by the victim domain (www.some-trading…

Can a client script (running within a webpage) provide to the browser a certificate to accept in a wss:// connection?

Can a client script provide to the browser a certificate to accept in a wss:// connection? The WebSocket constructor does not seem to have many options.
(I am designing an IoT server that lets the owner share access with other users by ema…

How does masking in WebSockets prevent cache poisoning if the attacker can write their own WebSocket client?

I've been reading about WebSockets, and learned that they apply masking of messages using an XOR cipher. This is done in order to prevent attackers from being able to make the data they send using WebSockets look like an HTTP request, becau…