Redirection through ClickJacking Vulnerability

Zakkir
2 min read, Feb 2, 2021

Hello guys, Hope everyone is well. I would like to share one of my findings.

What is Redirection?

Redirection is nothing but a diversion, attackers use multiple techniques or vulnerabilities to redirect the victims to a malicious website to gain access to the victim machine.

What is Clickjacking?

When an attacker uses multiple transparent or opaque layers to trick a user into clicking on a button or link on another page when they were intending to click on the top-level page. Thus, the attacker is “hijacking” clicks meant for their page and routing them to another page, most likely owned by another application, domain, or both.

How do I Exploit the Vulnerability?

In the application's responses, I found that no X-Frame-Options header was set. So I decided to write a piece of HTML for the abc.com login page that looks the same as the original website's login page. Wher.

After creating the HTML, I was able to open the website's login page in a frame. If this is possible, an attacker can capture the keystrokes that the user enters in the login username and password fields, and can also redirect the user (if the user clicks the button) to a malicious website through a button labelled “Click Here to Win iPhone”.

Remediation:

The X-Frame-Options HTTP response header can be used to indicate whether a browser should be allowed to render a page in a <frame> or <iframe>. Sites can use this to avoid Clickjacking attacks, by ensuring that their content is not embedded into other sites. Set the X-Frame-Options header for all responses containing HTML content.
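As an added example (not code from the original post), here is a small Python checker that decides from a response's headers whether the page can be framed by another site. It also covers the Content-Security-Policy frame-ancestors directive, which modern browsers honour in preference to X-Frame-Options, and the obsolete ALLOW-FROM form of X-Frame-Options, which they ignore. The header dictionaries in the usage block are constructed samples.

```python
"""Check HTTP response headers for clickjacking protection (added example)."""
from typing import List, Mapping, Optional, Tuple


def frame_ancestors(csp: str) -> Optional[List[str]]:
    """Return the source list of the CSP frame-ancestors directive, or None if absent.

    An empty source list matches nothing, so it is normalised to 'none'.
    """
    for directive in csp.split(";"):
        parts = directive.strip().split()
        if parts and parts[0].lower() == "frame-ancestors":
            return [p.lower() for p in parts[1:]] or ["'none'"]
    return None


def clickjacking_protected(headers: Mapping[str, str]) -> Tuple[bool, str]:
    """Return (protected, reason) for cross-site framing of this response."""
    h = {k.lower(): v for k, v in headers.items()}  # header names are case-insensitive

    # CSP frame-ancestors, when present, takes precedence over X-Frame-Options.
    csp = h.get("content-security-policy")
    if csp:
        ancestors = frame_ancestors(csp)
        if ancestors is not None:
            # '*' or a bare scheme such as 'https:' lets any origin frame the page.
            if any(src == "*" or src in ("http:", "https:") for src in ancestors):
                return False, "CSP frame-ancestors allows arbitrary origins"
            return True, "CSP frame-ancestors " + " ".join(ancestors)

    xfo = h.get("x-frame-options", "").strip().upper()
    if xfo in ("DENY", "SAMEORIGIN"):
        return True, "X-Frame-Options " + xfo
    if xfo.startswith("ALLOW-FROM"):
        return False, "X-Frame-Options ALLOW-FROM is obsolete and ignored by browsers"
    if xfo:
        return False, "unrecognised X-Frame-Options value " + repr(xfo)
    return False, "no framing restriction (page can be framed cross-site)"


if __name__ == "__main__":
    # Constructed samples: the finding in the post (no header) and the remediated response.
    vulnerable = {"Content-Type": "text/html; charset=utf-8"}
    remediated = {"Content-Type": "text/html; charset=utf-8", "X-Frame-Options": "SAMEORIGIN"}
    for name, hdrs in (("vulnerable", vulnerable), ("remediated", remediated)):
        print(name, clickjacking_protected(hdrs))
```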


Zakkir

Security Analyst & Engineer, Threat Researcher, Threat Hunter, Advisory Threat Emulator