This lab contains a XSS vulnerability that is triggered by a click. Construct a clickjacking attack that injects a XSS payload and fools the user into clicking the button to execute the payload.
You have an account on the application that you can use to help design your attack. The credentials are: carlos / montoya.
Note
The victim will be using Chrome so test your exploit on that browser.
Use the following HTML template and provide the details as follows:
replace $url with the URL for the Submit feedback page in the iframe,
substitute suitable values in pixels for the $height_value and $width_value variables of the iframe (we suggest 700px and 500px respectively),
substitute suitable values in pixels for the $top_value and $side_value variables of the decoy web content so that the "delete account" button and the "click me" decoy action align (we suggest 610px and 80px respectively),
set the opacity value $opacity to ensure that the target iframe is transparent. Initially, use an opacity of 0.1 so that you can align the iframe actions and adjust the position values as necessary. For the submitted attack a value of 0.0001 will work.
Go to the exploit server, paste your exploit HTML into the "Body text" box, and click "Store".
Click "View stored response".
Hover over "Test me" and ensure the cursor changes to a hand indicating that the div element is positioned correctly. If not, adjust the position of the div element by modifying the top and left properties of the style sheet.
Click "Test me" and you should see an alert.
Change "Test me" to "Click me" and click "Store" on the exploit server.
The simulated victim now clicks on the div element and the lab should be solved.
If you reload the account page then you will observe that you have successfully completed the lab.
Want to track your progress and have a more personalized learning experience? (It's free!)