HTML5 security defense: Web Socket attacks

One of the best functions of HTML5, WebSocket allows the browser to open the Socket connection to the destination port of a specific IP address. It provides full-duplex bidirectional communication based on TCP Socket and supports message push, this greatly reduces unnecessary traffic between servers and browsers. For example, we can use it to implement QQ message pop-up windows or Weibo new message notifications, so that we can better implement Web applications.

Message push for iPhone

 

HTML5 limits the ports that can be used by Web Socket, but it may become the carrier of attackers. Imagine opening a page that opens a Socket connection and performs a port scan of an internal IP address. If Port Scan finds an open port 80 on the internal network, a tunnel may be created through your browser. This will actually bypass the firewall and allow access to internal content.

WebSocket communication principle

Web Socket brings the following threats:

• Become a backdoor

• Port Scanning

• Botnets (one-to-many connections)

• Construct a WebSocket-based Sniffer

JS-Recon is an HTML5-based JavaScript Network detection tool that can use WebSocket to perform network and port scanning.

JS-Recon

 

Related Articles:

HTML5 security risk details: CORS attacks

HTML5 Security Risk Analysis II: WebStorage attacks

HTML5 security risk details 3: WebSQL attacks

HTML5 security risk details 4: Web Worker attacks

HTML5 security risk details 5: hijacking attacks
HTML5 security risk details 6: API attacks
HTML5 security defense 7: new tag attacks