Vulnerability Found

vishal kumar vachheta vishalsvachheta at gmail.com
Sun Sep 30 16:13:05 EDT 2018


Vulnerability Name : Found Clickjacking Vulnerability

Vulnerability Description :

Clickjacking (User Interface redress attack, UI redress attack, UI
redressing) is a malicious technique of tricking a Web user into clicking
on something different from what the user perceives they are clicking on,
thus potentially revealing confidential information or taking control of
their computer while clicking on seemingly innocuous web pages.
The server didn't return an X-Frame-Options header which means that this
website could be at risk of a clickjacking attack. The X-Frame-Options HTTP
response header can be used to indicate whether or not a browser should be
allowed to render a page in a <frame> or <iframe>. Sites can use this to
avoid clickjacking attacks, by ensuring that their content is not embedded
into other sites.
This vulnerability affects Web Server.
Impact:

Impact of this vulnerability :

An attacker can host this domain in another evil site by using an iframe, and
if a user fills in the given field, it can be redirected directly as logs to
the attacker and afterwards redirect to your web server. It can lead to
stealing user information too, and to using that host site for phishing of
your site. This is Clickjacking.


Vulnerable URL : "https://pidgin.im/"

Payload :

<html>
<head>
<title>Clickjack test page</title>
</head>
<body>
<p>You’ve been clickjacked!</p>
<iframe sandbox="allow-scripts allow-forms" src="https://pidgin.im/"
style="width:100%;height:90%"></iframe>
</body>
</html>

How to reproduce this vulnerability :

1. Open Notepad and paste the following code

<html>
<head>
<title>Clickjack test page</title>
</head>
<body>
<p>You’ve been clickjacked!</p>
<iframe sandbox="allow-scripts allow-forms" src="https://pidgin.im/"
style="width:100%;height:90%"></iframe>
</body>
</html>

2. Save it as <anyname>.html, e.g. s.html
3. And just simply open that.
As far as I know, this data is enough to prove that your site is vulnerable
to Clickjacking.
According to OWASP it's more than enough.
https://www.owasp.org/index.php/Testing_for_Clickjacking_(OWASP-CS-004)
POC :

Response :

Video file attached.
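
An added example, not part of the original report or of the Pidgin project's code: a defender-side check that classifies a response's anti-framing headers. It goes beyond the X-Frame-Options header named in the report by also reading the CSP frame-ancestors directive; the function names and the sample header sets are constructed for illustration.

```python
# Added example. Header sets in SAMPLES are constructed, not captured from any site.

def frame_ancestors(csp_value):
    """Return the frame-ancestors source list from a CSP header value, or None."""
    for directive in csp_value.split(";"):
        parts = directive.split()
        if parts and parts[0].lower() == "frame-ancestors":
            return [p.lower() for p in parts[1:]]
    return None

def framing_protection(headers):
    """Classify a response's anti-framing headers as (verdict, reason)."""
    h = {k.lower(): v for k, v in headers.items()}
    # Where supported, CSP frame-ancestors takes precedence over X-Frame-Options.
    sources = frame_ancestors(h.get("content-security-policy", ""))
    if sources is not None:
        if sources == ["'none'"]:
            return ("protected", "frame-ancestors 'none'")
        if "*" in sources:
            return ("unprotected", "frame-ancestors allows any origin")
        return ("restricted", "frame-ancestors " + " ".join(sources))
    xfo = h.get("x-frame-options")
    if xfo is None:
        return ("unprotected", "no X-Frame-Options or frame-ancestors")
    # Repeated headers arrive comma-joined; compare the distinct values.
    values = {v.strip().upper() for v in xfo.split(",") if v.strip()}
    if values == {"DENY"}:
        return ("protected", "X-Frame-Options: DENY")
    if values == {"SAMEORIGIN"}:
        return ("restricted", "X-Frame-Options: SAMEORIGIN")
    if len(values) > 1:
        # Flag conflicts for a human instead of guessing at browser handling.
        return ("misconfigured", "conflicting X-Frame-Options values")
    # ALLOW-FROM is obsolete and ignored by current browsers; typos land here too.
    return ("unprotected", "obsolete or invalid X-Frame-Options: " + xfo)

SAMPLES = [  # constructed response header sets
    {"Server": "example"},
    {"X-Frame-Options": "DENY"},
    {"x-frame-options": "sameorigin"},
    {"X-Frame-Options": "ALLOW-FROM https://example.com"},
    {"X-Frame-Options": "DENY, SAMEORIGIN"},
    {"Content-Security-Policy": "default-src 'self'; frame-ancestors 'none'"},
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(framing_protection(sample), sample)
```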