2021-06-18 22:27:35 Author: infosecwriteups.com(查看原文) 阅读量:157 收藏
In this article, we will discuss the Clickjacking vulnerability, how to find one, and present 25 disclosed reports based on this issue.
Clickjacking is a vulnerability through which users are tricked (visually) to click some buttons or UI elements of the parent page, but in reality they are clicking something in the vulnerable web application, because that is being hidden behind the UI of the parent page. Basically the clicks of the users are hijacked for another action within a different page.
It can lead to unrestricted actions being performed, malware download, likejacking (for social media pages), and more.
There are multiple ways of testing if there is any clickjacking possibility within a web application. The one that I use mostly is the Burp Clickbandit feature of the Burp Suite tool.
Another option would be to use an iframe on localhost for the website, as following:
<iframe src="URL"></iframe>Or, if you want to do it quickly, you can use the following website: https://www.lookout.net/test/clickjack.html
The solution to prevent against Clickjacking attacks is pretty straight-forward, just use the X-Frame-Options header. More you can find here: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
The reports were disclosed through the HackerOne platform and were selected according to their upvotes, bounty, severity level, complexity, and uniqueness.
#1
Title: Highly wormable clickjacking in player card
Company: Twitter
Bounty: $5,040
#2
Title: OAuth authorization page vulnerable to clickjacking
Company: Coinbase
Bounty: $5,000
#3
Title: Twitter Periscope Clickjacking Vulnerability
Company: Twitter
Bounty: $1,120
#4
Title: Viral Direct Message Clickjacking via link truncation leading to capture of both Google credentials & installation of malicious 3rd party Twitter App
Company: Twitter
Bounty: $1,120
#5
Title: Stealing User emails by clickjacking cards.twitter.com/xxx/xxx
Company: Twitter
Bounty: $1,120
#6
Title: Clickjacking Periscope.tv on Chrome
Company: Twitter
Bounty: $560
#7
Title: ClickJacking on IMPORTANT Functions of Yelp
Company: Yelp
Bounty: $500
#8
Title: CRITICAL-CLICKJACKING at Yelp Reservations Resulting in exposure of victim Private Data (Email info) + Victim Credit Card MissUse.
Company: Yelp
Bounty: $500
#9
Title: Site-wide clickjacking at IE11
Company: New Relic
Bounty: $500
#10
Title: Bypass of the Clickjacking protection on Flickr using data URL in iframes
Company: Verizon Media
Bounty: $250
#11
Title: Make user buy items via clickjacking possibility
Company: Mail.ru
Bounty: $200
#12
Title: [api.tumblr.com] Exploiting clickjacking vulnerability to trigger self DOM-based XSS
Company: Automattic
Bounty: $150
#13
Title: Modifying application settings via clickjacking on o2.mail.ru
Company: Mail.ru
Bounty: $150
#14
Title: Single Sing On — Clickjacking
Company: Semrush
Bounty: $150
#15
Title: Following links are vulnerable to clickjacking
Company: Semrush
Bounty: $150
#16
Title: Clickjacking Vulnerability via https://webagent.mail.ru leading to protection bypass for https://web.icq.com/ end point
Company: Mail.ru
Bounty: $150
#17
Title: Sensitive Clickjacking on admin login page.
Company: Shipt
Bounty: $100
#18
Title: self-xss with ClickJacking can leads to account takeover in Firefox
Company: Imgur
Bounty: $100
#19
Title: Clickjacking Vulnerability found on Yelp
Company: Yelp
Bounty: $100
#20
Title: Clickjacking at ylands.com
Company: BOHEMIA INTERACTIVE a.s
Bounty: $80
#21
Title: Modify account details by exploiting clickjacking vulnerability on refer.wordpress.com
Company: Automattic
Bounty: $75
#22
Title: Clickjacking on donation page
Company: WordPress
Bounty: $50
#23
Title: Clickjacking at https://www.mavenlink.com/ main website
Company: Mavenlink
Bounty: $50
#24
Title: Clickjacking
Company: Mavenlink
Bounty: $50
#25
Title: AWS S3 website can’t serve security headers, may allow clickjacking
Company: Legal Robot
Bounty: $40
#1
Title: Clickjacking in the admin page
Company: Rocket.Chat
Bounty: $0
#2
Title: Clickjacking on cas.acronis.com login page
Company: Acronis
Bounty: $0
#3
Title: Clickjacking In jobs.wordpress.net
Company: WordPress
Bounty: $0
#4
Title: Clickjacking in [exchangemarketplace.com]
Company: Shopify
Bounty: $0
#5
Title: Clickjacking wordcamp.org
Company: WordPress
Bounty: $0
#6
Title: URL is vulnerable to clickjacking
Company: MyCrypto
Bounty: $0
#7
Title: Clickjacking mercantile.wordpress.org
Company: WordPress
Bounty: $0
#8
Title: Get ip and Geo location any user via Clickjacking with inspectlet technology
Company: Acronis
Bounty: $0
#9
Title: Clickjacking on authorized page https://wakatime.com/share/embed
Company: WakaTime
Bounty: $0
#10
Title: Clickjacking — https://mercantile.wordpress.org/
Company: WordPress
Bounty: $0
Many thanks, and wish you a beautiful day!
如有侵权请联系:admin#unsafe.sh