Basic clickjacking with CSRF token protection (Video solution)

preview_player
Показать описание
This video shows the lab solution of "Basic clickjacking with CSRF token protection" from Web Security Academy (Portswigger)

  1. Michael Sommer
  2. Web Security
  3. Hacking
  4. Portswigger
  5. Burp
  6. Clickjacking
Рекомендации по теме
Basic clickjacking with 0:04:37

Basic clickjacking with CSRF token protection (Video solution)

Basic clickjacking with 0:04:35

Basic clickjacking with CSRF token protection

Clickjacking attack ( 0:01:41

Clickjacking attack ( Basic clickjacking with CSRF token protection portswigger lab )

Lab Basic clickjacking 0:03:59

Lab Basic clickjacking with CSRF token protection

16.1 Lab: Basic 0:00:58

16.1 Lab: Basic clickjacking with CSRF token protection | 2023

Basic clickjacking with 0:02:38

Basic clickjacking with CSRF token protection - APPRENTICE

Web Security Academy 0:13:37

Web Security Academy | Clickjacking | 1 - Basic Clickjacking with CSRF Token Protection

Basic clickjacking with 0:03:38

Basic clickjacking with CSRF token protection (Video Solution) | 2020

Lab: Basic clickjacking 0:07:38

Lab: Basic clickjacking with CSRF token protection

Basic clickjacking with 0:03:48

Basic clickjacking with CSRF token protection

Basic clickjacking with 0:06:28

Basic clickjacking with CSRF token protection

Résolution de Basic 0:09:49

Résolution de Basic clickjacking with CSRF token protection avec Owasp Zap.

Web Security Academy 0:14:05

Web Security Academy #097 Basic clickjacking with CSRF token protection

Clickjacking - Lab 0:13:54

Clickjacking - Lab 1 : Basic clickjacking with CSRF token protection

labs 1# Basic 0:10:07

labs 1# Basic clickjacking with CSRF token protection

PortSwigger Clickjacking Lab-1 0:14:18

PortSwigger Clickjacking Lab-1 | Basic clickjacking with CSRF token protection

Basic clickjacking with 0:11:39

Basic clickjacking with CSRF token protection

Portswigger Clickjacking Labs 0:12:50

Portswigger Clickjacking Labs Solution

Cross-Site Request Forgery 0:06:31

Cross-Site Request Forgery (CSRF) Explained And Demonstrated By A Pro Hacker!

Master Clickjacking Technique: 0:00:25

Master Clickjacking Technique: Secret Hacker's Guide

Lab: Clickjacking with 0:26:16

Lab: Clickjacking with form input data prefilled from a URL parameter

What is Clickjacking? 0:08:06

What is Clickjacking?

Clickjacking bug 💥 0:00:15

Clickjacking bug 💥

Clickjacking - Hacking 0:08:01

Clickjacking - Hacking Web Application UIs

Комментарии
Автор

the iframe tag is pointing to the lab id, how could this lead to delete the account ?!
shouldnt it be leading to labid/account/delete ?

amrfh
Автор

The above solution has only one button (delete) so the top position value might not work when you have an update email button also. Just inspect the element and notice the button (delete account) and note the position from the top. I got it approx 500 px.
A solution that I tried and works with 2021 version:
<style>
iframe {
position:relative;
width: 500px;
height: 700px;
opacity: 0.0001;
z-index: 2;
}
div {
position:absolute;
top: 500px;
left: 60px;
z-index: 1;
}
</style>
<div>Click me</div>
<iframe

Happy Learning!

anujjain
Автор

it's working on me but the lab isn't accepting the answer

t
Автор

Whats the carlos password which u gave in intital login step..?

aishwaryabochageri
Автор

can you just post a video of 2021 version because it has some updates and this is not working

harshitasingh
Автор

I may have deleted the account before finishing the lab...any way to log in with someone else or reset the lab?

ianporter