Back to directory

WRITEUP #3474

‘Websocket Hijacking’ to steal Session_ID of victim users

OtherCross-Site WebSocket Hijacking (CSWH)

by@sunilyedla2(Sunil Yedla)

Program

-

Published

Aug 25, 2021

Added to HackDex

Sep 15, 2022

Read Full Writeuphttps://sunilyedla.medium.com/websocket-hijacking-to-steal-session-id-of-victim-users-bca84243830

▸ RELATED WRITEUPS

Data Theft in Salesforce: Manipulating Public Links

OtherSOQL injection

When Certificates Fail: A Story of Bypassed MFA in Remote Access

Other2FA / MFA bypass

SSTI in Bug Bounty Program: The Time I Played with Handlebars and Broke Stuff

Ghost In The Ppl Part 1: Byovdll

OtherUse-After-Free

Part 2: From Byovdll To Arbitrary Code Execution In Lsass

OtherUse-After-Free

Built with ❤️ by Shubham Rawat