Abstract image of a woman sitting on books and studying on a laptop

What’s wrong with WebSocket APIs? Unveiling vulnerabilities in WebSocket APIs.

Mikhail Egorov, profile picture
Mikhail Egorov

This document discusses vulnerabilities in WebSocket APIs. It begins with an introduction to the speaker and overview of WebSocket protocols. It then covers specific vulnerabilities like cross-site WebSocket hijacking, authentication issues, and request smuggling through WebSocket connections. The document demonstrates these vulnerabilities through challenges on public sites. It concludes with ideas for further research on WebSocket security.

Internet
1 of 59
Downloaded 97 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
Most read
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
Most read
45
46
47
48
49
50
51
52
53
54
55
56
Most read
57
58
59
What’s wrong with w/ WebSocket API? Unveiling vulnerabilities in WebSocket APIs Mikhail Egorov / @0ang3el #HACKTIVITY2019
# whoami 2 ▪ Security researcher / full-time bug hunter ▪ https://bugcrowd.com/0ang3el ▪ https://hackerone.com/0ang3el ▪ Conference speaker ▪ https://www.slideshare.net/0ang3el ▪ https://speakerdeck.com/0ang3el
Previous work 3 ▪ https://media.blackhat.com/bh-us- 12/Briefings/Shekyan/BH_US_12_Shekyan_Toukharian_Hacking_Websocket_Slides .pdf ▪ https://www.nccgroup.trust/us/about-us/newsroom-and- events/blog/2017/may/wssip-a-websocket-manipulation-proxy/ ▪ https://chybeta.github.io/2018/04/07/spring-messaging-Remote-Code-Execution- %E5%88%86%E6%9E%90-%E3%80%90CVE-2018-1270%E3%80%91/ ▪ https://www.twistlock.com/labs-blog/demystifying-kubernetes-cve-2018-1002105- dead-simple-exploit/ ▪ https://github.com/andresriancho/websocket-fuzzer ▪ https://www.irongeek.com/i.php?page=videos/derbycon9/stable-35-old-tools-new- tricks-hacking-websockets-michael-fowl-nick-defoe
4 WebSocket protocol essentials
WebSocket protocol – RFC 6455 5 ▪ Efficient two-way communication protocol ▪ WebSocket is stateful (HTTP is stateless) ▪ Two main parts: handshake and data transfer
WebSocket protocol – RFC 6455 6 ▪ Extensibility: subprotocols and extensions ▪ Subprotocols ▪ https://www.iana.org/assignments/websocket/websocket.xml#subpro tocol-name ▪ Wamp ▪ Stomp ▪ Soap ▪ …
WebSocket protocol – RFC 6455 7 ▪ Extensibility: subprotocols and extensions ▪ Extensions ▪ https://www.iana.org/assignments/websocket/websocket.xml#extens ion-name ▪ permessage-deflate ▪ bbf-usp-protocol
WebSocket protocol – RFC 6455 8 ▪ Origin-based security model (Browser clients) ▪ No authentication ▪ Client must do client-to-server masking
WebSocket protocol support 9 ▪ Major web browsers ▪ Web servers / Proxies ▪ Apache httpd, Nginx, IIS, … ▪ HAProxy, Traefik, Varnish, Envoy, … ▪ Cloud providers ▪WebSocket API (api gateways) ▪WebSocket proxying (load balancers)
WebSocket handshake 10 Upgrade request Base64(Random nonce) Protocol version Required HTTP version
WebSocket handshake 11 Required status code BASE64(SHA1(Sec-WebSocket-Key || CONST ))
WebSocket data transfer 12 x00 – continuation frame x01 – text frame x02 – binary frame x08 – close frame x09 – ping x0A – pong other values are reserved
WebSocket data transfer - masking 13 ▪ Masking key is 32-bit long passed inside frame ▪ Client must send masked data ▪ MASKED = MASK ^ DATA (^ - XOR) ▪ Mechanism protects against cache poisoning and smuggling attacks
14 Cross-Site WebSocket Hijacking
WebSocket security for Web Browser 15 ▪ SOP doesn’t work for WebSocket in web browser ▪ Read from WebSocket cross-origin ▪ Write to WebSocket cross-origin ▪ Header Origin should be checked on handshake step (origin-based security model)
CSWSH 16 ▪ Cookies are used to authenticate upgrade request ▪ Header Origin isn’t checked or checked poorly
CSWSH 17 ▪ CORS tricks from @albinowax are applicable to WebSocket ▪ https://portswigger.net/research/exploiting-cors-misconfigurations- for-bitcoins-and-bounties ▪ Null origin ▪ Pre-domain wildcard ▪ Post-domain wildcard ▪ …
CSWSH – Null origin 18 ▪ nullorigin.html <iframe src="data:text/html, <script>const socket = new WebSocket('wss://example.com'); </script>"></iframe>
CSWSH 19 ▪ Playground ▪ https://portswigger.net/web-security/websockets/cross-site- websocket-hijacking
CSWSH – template for attack 5
Demo 5
22 Authentication / IDOR issues
Authentication 23 ▪ WebSocket protocol doesn’t offer authentication ▪ Developers have to roll out their own AuthN ▪ It’s secure to check AuthN only during handshake ▪ Common secure implementations ▪ Session cookies ▪ Tokens
Broken authentication – Case 1 24 ▪ Some ID / GUID is required in Upgrade request ▪ Guess ID ▪ Leak GUID (minor IDOR, …)
Broken authentication – Case 2 25 ▪ No authentication during handshake step ▪ Some ID / GUID required in API messages ▪ Guess ID ▪ Leak GUID (minor IDOR, …)
Broken authentication – Case 2 26 ▪ Exposing GraphQL subscriptions w/o AuthN ▪ https://github.com/righettod/poc-graphql#subscriptions- websocket-endpoint-default-enabling ▪ Path /subscriptions
Insecure Direct Object Reference issues 27 ▪ Strong authentication during handshake step ▪ Some ID / GUID required in API messages ▪ Guess ID ▪ Leak GUID (minor IDOR, …)
28 Smuggling through WebSocket
Reverse proxying WebSocket connection 29 Client Frontend Reverse proxy Backend /socket.io/ Public WebSocket API
Reverse proxying WebSocket connection 30 Client Frontend Reverse proxy Upgrade request Upgrade request Backend /socket.io/
Reverse proxying WebSocket connection 31 Client Frontend Reverse proxy Upgrade request Upgrade request HTTP/1.1 101HTTP/1.1 101 Backend /socket.io/
Reverse proxying WebSocket connection 32 Client Frontend Reverse proxy Upgrade request Upgrade request HTTP/1.1 101HTTP/1.1 101 WebSocket connection direct WebSocket connection Client - Backend Backend /socket.io/
Smuggling through WebSocket connection 33 Client Frontend Reverse proxy (vulnerable) Private REST API Public WebSocket API Backend /internal /socket.io/
34 BackendClient Frontend Reverse proxy (vulnerable) /internal Upgrade request /socket.io/ Sec-WebSocket-Version: 1337 Upgrade request Sec-WebSocket-Version: 1337 Version correctness isn’t checked! Smuggling through WebSocket connection
35 BackendClient Frontend Reverse proxy (vulnerable) /internal Upgrade request /socket.io/ Sec-WebSocket-Version: 1337 Upgrade request Sec-WebSocket-Version: 1337 HTTP/1.1 426HTTP/1.1 426 Response correctness isn’t checked! Smuggling through WebSocket connection
36 BackendClient Frontend Reverse proxy (vulnerable) /internal Upgrade request /socket.io/ Sec-WebSocket-Version: 1337 Upgrade request Sec-WebSocket-Version: 1337 HTTP/1.1 426HTTP/1.1 426 TLS connection direct TLS connection Client – Backend not WebSocket!!! Client can access /internal Smuggling through WebSocket connection
Challenge – challenge.0ang3el.tk 37 ▪ URL ▪ https://challenge.0ang3el.tk/websocket.html ▪ You need to access flag on localhost:5000 ▪ Seems no one solved
Challenge – challenge.0ang3el.tk 38 ▪ Frontend ▪ Not disclosed WebSocket reverse proxy ▪ socket.io.js ▪ Proxies only WebSocket API - /socket.io/ path ▪ Backend ▪ Flask, Flask-SoketIO, Flask-Restful ▪ Listens on localhost:5000 only
challenge1.py
challenge1.py - DEMO
Vulnerable reverse proxies 41 ▪ Vulnerable ▪ Varnish, Envoy proxy <= 1.8.0, other non-disclosed ▪ Not vulnerable ▪ Nginx, HAProxy, Traefik, others
Varnish response 42 ▪ WebSocket proxying configuration ▪ https://varnish-cache.org/docs/6.3/users-guide/vcl-example- websockets.html
Smuggling through WebSocket connection 43 Client Frontend Reverse proxy (Nginx or another) Private REST API Public WebSocket API & REST API Backend /internal /api/socket.io/ /api/health
Smuggling through WebSocket connection 44 Client Frontend Reverse proxy (Nginx or another) Backend /internal /api/socket.io/ /api/health example.com GET HTTP/1.1 200
Smuggling through WebSocket connection 45 Client Frontend Reverse proxy (Nginx or another) Backend /internal /api/socket.io/ /api/health Only Upgrade: websocket header is checked! POST /api/health?u= POST /api/health?u=
Smuggling through WebSocket connection 46 Client Frontend Reverse proxy (Nginx or another) Backend /internal /api/socket.io/ /api/health attacker.com GET HTTP/1.1 101 HTTP/1.1 101HTTP/1.1 101 Only status code is checked for response! POST /api/health?u= POST /api/health?u=
Smuggling through WebSocket connection 47 Client Frontend Reverse proxy (Nginx or another) Backend /internal /api/socket.io/ /api/health HTTP/1.1 101HTTP/1.1 101 TLS connection direct TLS connection Client – Backend not WebSocket!!! Client can access /internal POST /api/health?u= POST /api/health?u= Client-to-Server masking isn’t checked by proxy!!!
Challenge2 – challenge2.0ang3el.tk 48 ▪ URL ▪ https://challenge2.0ang3el.tk/websocket.html ▪ You need to access flag on localhost:5000 ▪ Seems no one solved
Challenge2 – challenge2.0ang3el.tk 49 ▪ Frontend ▪ Nginx as WebSocket reverse proxy ▪ socket.io.js ▪ Proxies only /api/public path (socket.io and healthcheck) ▪ Backend ▪ Flask, Flask-SoketIO, Flask-Restful ▪ Listens on localhost:5000 only
Challenge2 – challenge2.0ang3el.tk 50 ▪ Nginx config
Challenge2 – challenge2.0ang3el.tk 51 ▪ REST API - healthcheck
Challenge2.py 5
Challenge2.py - Demo 5
Vulnerable reverse proxies 54 ▪ Almost all proxies are affected ▪ But exploitation is limited ▪ External SSRF is required that returns status code ▪ …
55 Discovering WebSocket APIs
Discovering WebSocket API 56 ▪ Monitor Upgrade requests ▪ Analyze JavaScript files ▪ Try to establish WebSocket connection to each URL ▪ …
57 Conclusion
Ideas for further research 58 ▪ Security of WebSocket subprotocols ▪ More smuggling techniques ▪ HTTP/2 and WebSocket ▪ …
Thank you! @0ang3el

More Related Content

PPTX
WAF Bypass Techniques - Using HTTP Standard and Web Servers’ Behaviour
Soroush Dalili
 
PDF
HTTP Request Smuggling via higher HTTP versions
neexemil
 
PPTX
Attacking thru HTTP Host header
Sergey Belov
 
PPTX
Reverse proxies & Inconsistency
GreenD0g
 
PDF
Bug Bounty Hunter Methodology - Nullcon 2016
bugcrowd
 
PDF
HTTP Parameter Pollution Vulnerabilities in Web Applications (Black Hat EU 2011)
Marco Balduzzi
 
PDF
Offzone | Another waf bypass
Дмитрий Бумов
 
PPTX
Understanding Cross-site Request Forgery
Daniel Miessler
 
WAF Bypass Techniques - Using HTTP Standard and Web Servers’ Behaviour
Soroush Dalili
 
HTTP Request Smuggling via higher HTTP versions
neexemil
 
Attacking thru HTTP Host header
Sergey Belov
 
Reverse proxies & Inconsistency
GreenD0g
 
Bug Bounty Hunter Methodology - Nullcon 2016
bugcrowd
 
HTTP Parameter Pollution Vulnerabilities in Web Applications (Black Hat EU 2011)
Marco Balduzzi
 
Offzone | Another waf bypass
Дмитрий Бумов
 
Understanding Cross-site Request Forgery
Daniel Miessler
 

What's hot (20)

PDF
The Secret Life of a Bug Bounty Hunter – Frans Rosén @ Security Fest 2016
Frans Rosén
 
PDF
Neat tricks to bypass CSRF-protection
Mikhail Egorov
 
PPTX
XSS Attacks Exploiting XSS Filter by Masato Kinugawa - CODE BLUE 2015
CODE BLUE
 
PDF
Building Advanced XSS Vectors
Rodolfo Assis (Brute)
 
PDF
OWASP AppSecEU 2018 – Attacking "Modern" Web Technologies
Frans Rosén
 
PDF
XSS Magic tricks
GarethHeyes
 
PDF
Cross site scripting
n|u - The Open Security Community
 
PDF
Hunting for security bugs in AEM webapps
Mikhail Egorov
 
PPTX
XSS - Do you know EVERYTHING?
Yurii Bilyk
 
PDF
HTTP Security Headers
Ismael Goncalves
 
PDF
Secure Coding principles by example: Build Security In from the start - Carlo...
Codemotion
 
PPTX
Bug bounty
n|u - The Open Security Community
 
PPTX
Bug Bounty 101
Shahee Mirza
 
PPTX
Mod security
Shruthi Kamath
 
PDF
Polyglot payloads in practice by avlidienbrunn at HackPra
Mathias Karlsson
 
PPTX
Cross Site Scripting: Prevention and Detection(XSS)
Aman Singh
 
PDF
DNS hijacking using cloud providers – No verification needed
Frans Rosén
 
PDF
Bug bounty null_owasp_2k17
Sagar M Parmar
 
PDF
Hacking Adobe Experience Manager sites
Mikhail Egorov
 
PPTX
Nginx A High Performance Load Balancer, Web Server & Reverse Proxy
Amit Aggarwal
 
The Secret Life of a Bug Bounty Hunter – Frans Rosén @ Security Fest 2016
Frans Rosén
 
Neat tricks to bypass CSRF-protection
Mikhail Egorov
 
XSS Attacks Exploiting XSS Filter by Masato Kinugawa - CODE BLUE 2015
CODE BLUE
 
Building Advanced XSS Vectors
Rodolfo Assis (Brute)
 
OWASP AppSecEU 2018 – Attacking "Modern" Web Technologies
Frans Rosén
 
XSS Magic tricks
GarethHeyes
 
Cross site scripting
n|u - The Open Security Community
 
Hunting for security bugs in AEM webapps
Mikhail Egorov
 
XSS - Do you know EVERYTHING?
Yurii Bilyk
 
HTTP Security Headers
Ismael Goncalves
 
Secure Coding principles by example: Build Security In from the start - Carlo...
Codemotion
 
Bug bounty
n|u - The Open Security Community
 
Bug Bounty 101
Shahee Mirza
 
Mod security
Shruthi Kamath
 
Polyglot payloads in practice by avlidienbrunn at HackPra
Mathias Karlsson
 
Cross Site Scripting: Prevention and Detection(XSS)
Aman Singh
 
DNS hijacking using cloud providers – No verification needed
Frans Rosén
 
Bug bounty null_owasp_2k17
Sagar M Parmar
 
Hacking Adobe Experience Manager sites
Mikhail Egorov
 
Nginx A High Performance Load Balancer, Web Server & Reverse Proxy
Amit Aggarwal
 
Ad

Similar to What’s wrong with WebSocket APIs? Unveiling vulnerabilities in WebSocket APIs. (20)

PPTX
Web sockets - Pentesting
Vandana Verma
 
ZIP
Websockets at tossug
clkao
 
PPTX
WebSockets in JEE 7
Shahzad Badar
 
PPTX
ClientServer Websocket.pptx
MaxamedSheekhAmiin
 
PPTX
WebSockets-Revolutionizing-Real-Time-Communication.pptx
YasserLina
 
PPTX
vlavrynovych - WebSockets Presentation
Volodymyr Lavrynovych
 
PPTX
Intro to Web Sockets
Jim Gourgoutis
 
PDF
Introduction to WebSockets
Gunnar Hillert
 
PDF
WebSockets - Today, in the Past, in Future and in Production.
bodokaiser
 
PDF
Websockets
Sheridan Roberts
 
PDF
IRJET- An Overview of Web Sockets: The Future of Real-Time Communication
IRJET Journal
 
PPTX
Training Webinar: Enterprise application performance with server push technol...
OutSystems
 
PDF
Nuts and Bolts of WebSocket Devoxx 2014
Arun Gupta
 
PPTX
presentation in .net programming web sockets.pptx
ArvieJayLapig
 
PDF
Web Socket ASM support lior rotkovitch
Lior Rotkovitch
 
PDF
WebSocket Server - Jul 2010
takanao ENODH
 
PPTX
Html5 websockets
AbhishekMondal42
 
PPT
Web-Socket
Pankaj Kumar Sharma
 
PDF
WebSocket Push Fallback - Transcript.pdf
ShaiAlmog1
 
PPTX
Intro to WebSockets
Gaurav Oberoi
 
Web sockets - Pentesting
Vandana Verma
 
Websockets at tossug
clkao
 
WebSockets in JEE 7
Shahzad Badar
 
ClientServer Websocket.pptx
MaxamedSheekhAmiin
 
WebSockets-Revolutionizing-Real-Time-Communication.pptx
YasserLina
 
vlavrynovych - WebSockets Presentation
Volodymyr Lavrynovych
 
Intro to Web Sockets
Jim Gourgoutis
 
Introduction to WebSockets
Gunnar Hillert
 
WebSockets - Today, in the Past, in Future and in Production.
bodokaiser
 
Websockets
Sheridan Roberts
 
IRJET- An Overview of Web Sockets: The Future of Real-Time Communication
IRJET Journal
 
Training Webinar: Enterprise application performance with server push technol...
OutSystems
 
Nuts and Bolts of WebSocket Devoxx 2014
Arun Gupta
 
presentation in .net programming web sockets.pptx
ArvieJayLapig
 
Web Socket ASM support lior rotkovitch
Lior Rotkovitch
 
WebSocket Server - Jul 2010
takanao ENODH
 
Html5 websockets
AbhishekMondal42
 
Web-Socket
Pankaj Kumar Sharma
 
WebSocket Push Fallback - Transcript.pdf
ShaiAlmog1
 
Intro to WebSockets
Gaurav Oberoi
 
Ad

More from Mikhail Egorov (9)

PDF
A Hacker's perspective on AEM applications security
Mikhail Egorov
 
PDF
Securing AEM webapps by hacking them
Mikhail Egorov
 
PDF
AEM hacker - approaching Adobe Experience Manager webapps in bug bounty programs
Mikhail Egorov
 
PPTX
CSRF-уязвимости все еще актуальны: как атакующие обходят CSRF-защиту в вашем ...
Mikhail Egorov
 
PDF
Unsafe JAX-RS: Breaking REST API
Mikhail Egorov
 
PDF
Entity provider selection confusion attacks in JAX-RS applications
Mikhail Egorov
 
PDF
New methods for exploiting ORM injections in Java applications
Mikhail Egorov
 
PDF
What should a hacker know about WebDav?
Mikhail Egorov
 
PDF
ORM2Pwn: Exploiting injections in Hibernate ORM
Mikhail Egorov
 
A Hacker's perspective on AEM applications security
Mikhail Egorov
 
Securing AEM webapps by hacking them
Mikhail Egorov
 
AEM hacker - approaching Adobe Experience Manager webapps in bug bounty programs
Mikhail Egorov
 
CSRF-уязвимости все еще актуальны: как атакующие обходят CSRF-защиту в вашем ...
Mikhail Egorov
 
Unsafe JAX-RS: Breaking REST API
Mikhail Egorov
 
Entity provider selection confusion attacks in JAX-RS applications
Mikhail Egorov
 
New methods for exploiting ORM injections in Java applications
Mikhail Egorov
 
What should a hacker know about WebDav?
Mikhail Egorov
 
ORM2Pwn: Exploiting injections in Hibernate ORM
Mikhail Egorov
 

Recently uploaded (20)

PPTX
Artificial_Intelligence_Basics use in our daily life
ANUBHABPANIGRAHI3
 
PDF
Buy Cash App Verified Accounts Instantly – Secure Crypto Deal.pdf
pvaonit
 
PPTX
最新版美国埃默里大学毕业证(Emory毕业证书)原版定制文凭学历认证
澳洲拉筹伯大学成绩单【q薇1954292140】拉筹伯大学毕业证购买
 
PDF
healthwealthtech4all-blogspot-com-2025-08-top-5-tech-innovations-that-will-ht...
nareshkumargovindan2
 
PDF
Containerization lab dddddddddddddddmanual.pdf
muler161921
 
PPTX
KSS ON CYBERSECURITY INCIDENT RESPONSE AND PLANNING MANAGEMENT.pptx
Cashmir Pangandaman
 
PDF
Top 8 Trusted Sources to Buy Verified Cash App Accounts.pdf
How To Buy Verified Cash App Accounts
 
PPTX
Partner to Customer - Sales Presentation_V23.01.pptx
ssusera1629e
 
PDF
Alethe Consulting Corporate Profile and Solution Aproach
debashisrakshit2025
 
PDF
Alethe Consulting Corporate Profile and Solution Aproach
debashisrakshit2025
 
PPTX
module 1-Part 1.pptxdddddddddddddddddddddddddddddddddddd
KevinSeelu
 
PDF
Exploring The Internet Of Things(IOT).ppt
rakeshk19831911
 
PPTX
COPD_Management_Exacerbation_Detailed_Placeholders.pptx
4mmkp9d8xv
 
PDF
Public for study about wiring to confirm.
wongsa2524
 
PPTX
Edit gdasgdkhagfhgfgfasdghhdgfhdgfj.pptx
HuyNguynm
 
PDF
Paper PDF The World Game (s) Great Redesign.pdf
Steven McGee
 
PDF
Lean-Manufacturing-Tools-Techniques-and-How-To-Use-Them.pdf
Turreteng
 
PDF
Course Overview and Agenda cloud security
ElsayedKowaydeh
 
PPTX
Basic understanding of cloud computing one need
subhosvims
 
PPTX
10.2981-wlb.2004.021Figurewlb3bf00068fig0001.pptx
katherinecapunays
 
Artificial_Intelligence_Basics use in our daily life
ANUBHABPANIGRAHI3
 
Buy Cash App Verified Accounts Instantly – Secure Crypto Deal.pdf
pvaonit
 
最新版美国埃默里大学毕业证(Emory毕业证书)原版定制文凭学历认证
澳洲拉筹伯大学成绩单【q薇1954292140】拉筹伯大学毕业证购买
 
healthwealthtech4all-blogspot-com-2025-08-top-5-tech-innovations-that-will-ht...
nareshkumargovindan2
 
Containerization lab dddddddddddddddmanual.pdf
muler161921
 
KSS ON CYBERSECURITY INCIDENT RESPONSE AND PLANNING MANAGEMENT.pptx
Cashmir Pangandaman
 
Top 8 Trusted Sources to Buy Verified Cash App Accounts.pdf
How To Buy Verified Cash App Accounts
 
Partner to Customer - Sales Presentation_V23.01.pptx
ssusera1629e
 
Alethe Consulting Corporate Profile and Solution Aproach
debashisrakshit2025
 
Alethe Consulting Corporate Profile and Solution Aproach
debashisrakshit2025
 
module 1-Part 1.pptxdddddddddddddddddddddddddddddddddddd
KevinSeelu
 
Exploring The Internet Of Things(IOT).ppt
rakeshk19831911
 
COPD_Management_Exacerbation_Detailed_Placeholders.pptx
4mmkp9d8xv
 
Public for study about wiring to confirm.
wongsa2524
 
Edit gdasgdkhagfhgfgfasdghhdgfhdgfj.pptx
HuyNguynm
 
Paper PDF The World Game (s) Great Redesign.pdf
Steven McGee
 
Lean-Manufacturing-Tools-Techniques-and-How-To-Use-Them.pdf
Turreteng
 
Course Overview and Agenda cloud security
ElsayedKowaydeh
 
Basic understanding of cloud computing one need
subhosvims
 
10.2981-wlb.2004.021Figurewlb3bf00068fig0001.pptx
katherinecapunays
 

What’s wrong with WebSocket APIs? Unveiling vulnerabilities in WebSocket APIs.