From the course: Ethical Hacking: Session Hijacking
Unlock the full course today
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Understanding WebSockets - Linux Tutorial
From the course: Ethical Hacking: Session Hijacking
Understanding WebSockets
- [Voiceover] With the release of HTML5, more sophisticated state management capabilities are available to the web developer. WebSockets provide the ability to set up a full duplex communications channel between the client and the server, this requires a handshake over HTTP or HTTPS to upgrade the protocol to WS or WSS and a WebSocket server to manage the protocol. Firstly the client initiates a connection by sending an HTTP WebSocket handshake request, then the server responds with a status code of 101 switching protocols, in then switches to WebSockets and both the web browser and the web server communicate using the WebScocket API, according to RFC 6455, the WebSocket protocol. Websocketd is an easy to use WebSocket server, written by Joe Walnes, which we can load into our Ubuntu system, we can get the zip file of this server from his GitHub page, unpack it, and it'll be ready for use. Okay, we've downloaded the file, so now let's unzip it. Let's take a look at what we've got…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Contents
-
-
-
-
(Locked)
Understanding web sessions4m 8s
-
(Locked)
Understanding WebSockets2m 41s
-
(Locked)
Banking on Zero1m 10s
-
(Locked)
Hijacking sessions using man-in-the-browser4m 32s
-
(Locked)
Intercepting sessions through man-in-the-middle4m 17s
-
(Locked)
Stripping SSL to downgrade the session1m 54s
-
(Locked)
Hijacking an HTTP session through cookies3m 20s
-
(Locked)
Using Subterfuge to hijack sessions through ARP poisoning7m 8s
-
(Locked)
Using Webscarab-NG as a web proxy3m 14s
-
(Locked)
Defeating the Hijack3m 6s
-
(Locked)
-
-
-
-