[Bah-guinda] [Bah-general] CLICK JACKING
Secure Web
secureweb23 en gmail.com
Lun Feb 1 15:03:30 CET 2021
Waiting for your reply
On Wed, Jan 27, 2021, 5:07 PM Secure Web <secureweb23 en gmail.com> wrote:
> [image: clickjack.png]
> Hello Team
>
> Hope that you're doing all good and healthy.I would like to draw your
> attention to some of the vulnerabilities in your site which i would like to
> report.
> Kindly provide me the email of relevant team or person and let me know if
> there is any bug bounty program or reward regarding this disclosure of
> vulnerabilties as this work requires both cost and time.
>
> Thank you
>
> BUG TYPE: CLICK JACKING
>
>
> In the index (home page): https://website.com/login
> Clickjacking, also known as a "UI redress attack", is when an attacker
> uses multiple transparent or opaque layers to trick a user into clicking on
> a button or link on another page when they were intending to click on the
> the top level page. Thus, the attacker is "hijacking" clicks meant for
> their page and routing them to another page, most likely owned by another
> application, domain, or both.
>
> Using a similar technique, keystrokes can also be hijacked. With a
> carefully crafted combination of style sheets, i frames, and text boxes, a
> user can be led to believe they are typing in the password to their email
> or bank account, but are instead typing into an invisible frame controlled
> by the attacker.
> PoC:
> <html>
> <head>
> <title>test nbxsites </title>
> </head>
> <body>
> <p> https://website.com/login is vulnerable to clickjacking!</p>
> <iframe src="https://website.com/login" width="500" height="500"></iframe>
> </body>
> </html>
>
> IMPACTS:
> Tricking a user into unknowingly;
>
> No.1: An attacker can gain access to the credentials of users and use
> those credentials for booking and payment.
>
> No.2: adding events to their profile they are interested in attending.
>
> No. 3: editing their star rating on reviews;
>
> No.1: bookmarking unwanted business
>
> PROOF:
>
> Screenshot
>
> Best Regards.
> Found More bugs on your website reply me so that i may disclose them
> further.
>
------------ próxima parte ------------
Se ha borrado un adjunto en formato HTML...
URL: <https://lists.ourproject.org/pipermail/bah-guinda/attachments/20210201/07e6e00d/attachment-0001.html>
------------ próxima parte ------------
A non-text attachment was scrubbed...
Name: clickjack.png
Type: image/png
Size: 26008 bytes
Desc: no disponible
URL: <https://lists.ourproject.org/pipermail/bah-guinda/attachments/20210201/07e6e00d/attachment-0001.png>
------------ próxima parte ------------
_______________________________________________
Bah-general mailing list
Bah-general en lists.ourproject.org
https://lists.ourproject.org/cgi-bin/mailman/listinfo/bah-general
Más información sobre la lista de distribución Bah-guinda