Labs Covered
This write-up focuses on APPRENTICE labs from the PortSwigger Web Security Academy related to WebSockets:
1. Manipulating WebSocket messages to exploit vulnerabilities (APPRENTICE)
This lab demonstrates how attackers can manipulate WebSocket messages directly to exploit application vulnerabilities.
LAB 1 - Manipulating WebSocket messages to exploit vulnerabilities
Lab Description
Solution
The lab application is a shop website offering chat support. After loading the page, I go straight to the chat feature. So I start annoying the agent:
I clicked hello and king, and both are shown in the chat feature.
The message exchange runs via WebSockets, with me sending messages to the server and the server sending back whatever needs to be written in the chat on my side (including a mirror of my own messages):
First I send the client message to Repeater.
So I put the message into Repeater, start playing around, and enter an h2 tag.
As we can see below, the result in the h2 tag is now reflected in the website, but when I refresh it will be gone, because we have made the change on the client side.
I try running a script via an <img> tag.
As we can see, we have made the change on the client side and the website is giving us an alert, but after a refresh it will be gone.
So now we send the server-side request in Repeater to make the change permanent.
Generating an alert in img works because whatever we type is written into HTML tags.
Of course, as the content gets reflected, I also get that popup, confirming that it worked at least on my side. After it is reflected, the lab will be solved.
So we have made the change on the server side; after a refresh the alert message still comes up and the lab is solved.
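The fix for what this walkthrough shows, as an added example (not code from the lab or from PortSwigger): a handler that trusts the browser to encode chat text, beside one that validates and HTML-encodes every inbound frame on the server. The JSON frame shapes (`message`, `user`, `content`), the 500-character limit and all function names are assumptions made for illustration.

```javascript
// Added example. Frame shapes and function names are assumptions, not the lab's code.
const ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// HTML-encode text so a browser renders it as characters, never as markup.
function encodeHtml(text) {
  return text.replace(/[&<>"']/g, (ch) => ESCAPES[ch]);
}

// Weak handler: assumes the browser already encoded the text before sending.
// A frame edited in a proxy never passes through that browser-side step.
function relayTrusting(rawFrame) {
  const { message } = JSON.parse(rawFrame);
  return JSON.stringify({ user: 'You', content: message });
}

// Hardened handler: every inbound frame is untrusted. Validate its shape,
// then encode on the server. Clients send raw text, so nothing is encoded twice.
function relayEncoding(rawFrame, maxLen = 500) {
  let parsed;
  try {
    parsed = JSON.parse(rawFrame);
  } catch (err) {
    return null; // not JSON: drop the frame
  }
  if (parsed === null || typeof parsed !== 'object') return null;
  const { message } = parsed;
  if (typeof message !== 'string' || message.length === 0 || message.length > maxLen) return null;
  return JSON.stringify({ user: 'You', content: encodeHtml(message) });
}

// Constructed sample: the h2 test from the write-up, as it would leave Repeater.
const editedFrame = JSON.stringify({ message: '<h2>king</h2>' });
console.log('trusting:', relayTrusting(editedFrame));
console.log('encoding:', relayEncoding(editedFrame));
```

On the page itself, writing the received `content` with `textContent` instead of `innerHTML` gives a second layer for the same reflected text.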