A command-line tool designed to test and connect to a WebSocket which are vulnerable to Cross-Site WebSocket Hijacking vulnerability.
CSWSH tool can connect to both standard and socket.io based WebSockets.
- A standard websocket will have the functionality of sending messages to the server and receiving messages from the server.
- A socket.io based websocket will have only the ping functionality to check if the connection is successful or not.
CSWSH works with Python 3 and has few dependencies.
To install these dependencies, navigate to the source directory and execute pip3 install -r requirements.txt
CSWSH tool provides the below options while connecting to a websocket server.
$ python3 cswsh.py "wss://echo.websocket.org"$ python3 cswsh.py "https://example.com/socket.io/" -sioOn successful connect, send websocket ping message 2probe and server will respond with 3probe as an acknowledgment of the successful connection.
To add custom headers in the request use -h option
$ python3 cswsh.py "wss://echo.websocket.org" -h "Authorization: Bearer AbCdEf123456"To add cookies in the request use -c option
$ python3 cswsh.py "wss://echo.websocket.org" -c "sessionID=AbCdEf123456"To add custom origin header in the request use -o option
$ python3 cswsh.py "wss://echo.websocket.org" -o "http://localhost:8080"If you don't want the tool to verify the server certificate, use -i option
$ python3 cswsh.py "wss://echo.websocket.org" -iIf you would like to show some support, please connect with me on twitter