Clickjacking (UI redressing)
https://portswigger.net/web-security/clickjacking
Lab: Basic clickjacking with CSRF token protection
This lab contains login functionality and a delete account button that is protected by a CSRF token. A user will click on elements that display the word "click" on a decoy website.
To solve the lab, craft some HTML that frames the account page and fools the user into deleting their account. The lab is solved when the account is deleted.
We have to arrange of click with div's top and left values to deletion of user.
We can set iframe's opacity to 0.2 for clear view.
Exploit Server ->
Lab: Clickjacking with form input data prefilled from a URL parameter
This lab extends the basic clickjacking example in Lab: Basic clickjacking with CSRF token protection. The goal of the lab is to change the email address of the user by prepopulating a form using a URL parameter and enticing the user to inadvertently click on an "Update email" button.
To solve the lab, craft some HTML that frames the account page and fools the user into updating their email address by clicking on a "Click me" decoy. The lab is solved when the email address is changed.
/my-account?email=evil%40mail.com
Exploit Server ->
Lab: Clickjacking with a frame buster script
This lab is protected by a frame buster which prevents the website from being framed. Can you get around the frame buster and conduct a clickjacking attack that changes the users email address?
To solve the lab, craft some HTML that frames the account page and fools the user into changing their email address by clicking on "Click me". The lab is solved when the email address is changed.
We can use sandbox="allow-forms" attribute in iframe. These values can be use for bypass:
allow-forms
allow-scripts
allow-top-navigation
Exploit Server ->
Lab: Exploiting clickjacking vulnerability to trigger DOM-based XSS
This lab contains an XSS vulnerability that is triggered by a click. Construct a clickjacking attack that fools the user into clicking the "Click me" button to call the print() function.
Exploit Server ->
Lab: Multistep clickjacking
This lab has some account functionality that is protected by a CSRF token and also has a confirmation dialog to protect against Clickjacking. To solve this lab construct an attack that fools the user into clicking the delete account button and the confirmation dialog by clicking on "Click me first" and "Click me next" decoy actions. You will need to use two elements for this lab.
"Delete Account" button ->"Yes" button
Exploit Server ->
Last updated