Client / Exploit Writing

Sample Websocket Client (Python)

import websocket # pip3 install websocket-client
import ssl 
import json
import argparse
import _thread as thread

session_id = ""

def toJson(task,data):
    req = {
        "test": task,
    }
    return json.dumps(req)

# executed when connection is established
def on_open(ws):
    def run():
        while True:
            cmd = input()
            ws.send(toJson("ws_endpoint", cmd)) # sending the data to websocket
    thread.start_new_thread(run, ())

# executed on response from server that we connect to
def on_message(ws, message):
    mes = json.loads(message)

    if "session_id" in mes.keys():
        session_id = mes["session_id"]

    print(mes)

# handles errors
def on_error(ws, error):
    print(error)

# ending the connection
def on_close(ws):
    print("[+] Connection Closed")


if __name__ == "__main__":
    parser = argparse.ArgumentParser()

    parser.add_argument('--url', '-u',
                        required=True,
                        dest='url',
                        help='Websocket URL')
    parser.add_argument('--verbose', '-v',
                        help='Print more data',
                        action='store_true')
    args = parser.parse_args()

    websocket.enableTrace(args.verbose)
    ws = websocket.WebSocketApp(args.url,
                              on_message = on_message,
                              on_error = on_error,
                              on_close = on_close,
                              on_open = on_open)
    ws.run_forever(sslopt={"cert_reqs": ssl.CERT_NONE})
PreviousWorking with Websockets NextCross Site Scripting
Last updated 3 months ago