This is the final part about reverse engineering a game and finding an SSRF vulnerability in it. We're going to take a look at the network protocol and try to understand what's going on, then how it could be modified to inject custom data.
During this holiday I had some time to try a new game; while I was playing it I asked myself if I could do some digging and find any vulnerabilities. This is the journey that took me from reverse engineering the game to finding an interesting SSRF.
As for most people out there, Burp is my favourite security tool. Sadly, when you're dealing with WebSockets, it lacks several features. In order to edit and replay requests, you have to chain another proxy (after some customization).
Expert in breaking stuff.