How can you show the impact of clickjacking?
Yes, you can show the impact of clickjacking after reading this article.
Hello folks! In this article, I will explain how you can increase or show the impact of clickjacking while hunting.
What is clickjacking?
From the Google definition 👇
Clickjacking is a malicious technique of tricking a user into clicking on something different from what the user perceives, thus potentially revealing confidential information or allowing others to take control of their computer while clicking on seemingly innocuous objects, including web pages.
Let's get started!! 😉
We have a free, open-source PoC tool for clickjacking. Please download it and keep it in the web root of your local machine; I recommend using Kali or at least Ubuntu here.
Tool Link: https://github.com/sensepost/jack
Open the tool, paste the target application URL, and click on Load.
This will load the target application. While demonstrating the impact of clickjacking, please make sure that you are on a login page!
Once the target application is loaded, drag and drop the email and password boxes onto the actual login fields (Email ID and Password), which is similar to the iframe used in a real-time scenario.
Then click on login!
Boom……………..!!
With this tool, you can demonstrate that whatever username and password the victim enters can be captured using this vulnerability.
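The login page only loads inside the tool because its response headers permit framing. As an added example (not from the original write-up or the jack tool), this Node.js function reads a response's headers and reports whether another origin can frame the page; the header sets at the bottom are constructed samples.

```javascript
// Added example: decide from response headers whether a page can be framed.
// Input: an object with lower-case header names, repeated headers joined
// with ", " (the shape Node's http module produces).
function frameProtection(headers) {
  const notes = [];
  let cspSeen = false;
  let cspRestrictive = false;

  // Each comma-separated CSP policy is enforced on its own, so a single
  // restrictive frame-ancestors directive is enough to block framing.
  for (const policy of (headers['content-security-policy'] || '').split(',')) {
    for (const directive of policy.split(';')) {
      const [name, ...sources] = directive.trim().split(/\s+/);
      if (name.toLowerCase() !== 'frame-ancestors') continue;
      cspSeen = true;
      // "*" or a bare scheme admits every origin, untrusted pages included.
      const open = sources.some((s) => /^(\*|https?:(\/\/\*)?)$/i.test(s));
      if (open) notes.push(`frame-ancestors allows any origin: ${sources.join(' ')}`);
      else cspRestrictive = true;
    }
  }

  const xfo = new Set((headers['x-frame-options'] || '')
    .split(',').map((v) => v.trim().toLowerCase()).filter(Boolean));
  const xfoBlocks = xfo.has('deny') || xfo.has('sameorigin');
  for (const v of xfo) {
    if (v.startsWith('allow-from')) notes.push('ALLOW-FROM is obsolete and ignored by current browsers');
    else if (v !== 'deny' && v !== 'sameorigin') notes.push(`unrecognised X-Frame-Options value: ${v}`);
  }

  // Browsers that enforce frame-ancestors ignore X-Frame-Options when it is present.
  if (cspSeen && xfo.size) notes.push('X-Frame-Options is ignored because frame-ancestors is set');
  if (!cspSeen && !xfo.size) notes.push('no framing control sent');
  const frameable = cspSeen ? !cspRestrictive : !xfoBlocks;
  return { frameable, notes };
}

// Constructed sample header sets for a login page.
const samples = {
  none: {},
  deny: { 'x-frame-options': 'DENY' },
  legacy: { 'x-frame-options': 'ALLOW-FROM https://partner.example' },
  self: { 'content-security-policy': "default-src 'self'; frame-ancestors 'self'" },
  wildcard: { 'x-frame-options': 'DENY', 'content-security-policy': 'frame-ancestors *' },
};
for (const [name, h] of Object.entries(samples)) {
  console.log(name, JSON.stringify(frameProtection(h)));
}
```

A login page that reports `frameable: false` here will refuse to load in the tool, which is the state a fix should reach.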
That’s it for this write-up.
If you are still confused, please drop me a comment and I will surely clear your doubts!!
Happy Hacking 🥂🥂
Thanks for reading.