Weaponizing Clickjacking Attack With Click Content Jacking

I would like to share one simple trick to make clickjacking attacks more impactful, in simple words.

Before getting into the topic, let's understand what clickjacking means, 101 style:

Clickjacking is a malicious technique of tricking a Web user into clicking on something different from what the user perceives they are clicking on, thus potentially revealing confidential information while clicking on seemingly innocuous web pages. ~ Wikipedia

A clickjacking attack basically means tricking the user into clicking something by framing a page to perform some malicious actions. ~ 101

  • Suppose we are targeting http://victim.com, which is a simple blogging website.
  • And the site is vulnerable to a clickjacking attack.
  • What do we do next?

What we normally do is report it as "tricking users into commenting on a blog post through clickjacking", with Severity: Low~Medium.

But wait, don't give up so easily. Keep digging.

By brute-forcing or traversing the http://victim.com application, suppose we end up at something like http://victim.com/api/user.json, and it also doesn't have the X-Frame-Options header.

  • Now we can chain both http://victim.com (blog post) and http://victim.com/api/user.json (user REST API body) together to leak the confidential data through a blog post comment.
  • I simply hosted malicious.html on my server, framing both of the above (blog post and API body).

~ Note: SOP (Same-Origin Policy) will allow drag-and-drop behavior only if both frames have the same origin, i.e. http://victim.com

  • Now we can see we were able to leak/steal sensitive things (API, CSRF token, etc. from the API) ~ Severity: High
  • The reason why I call it ~ClickContentJacking (CCJ)~ is that here we are tricking the user in order to steal the content of the site with drag-and-drop behaviour. The content can be anything: JSON, XML, JS or an HTML body. For demonstration purposes I have used JSON.
  • That's all about it!
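The chain above depends on both the blog page and the API response being framable from another origin. As an added example (not part of the original post), this Node.js sketch classifies a response's framing policy from its `Content-Security-Policy` and `X-Frame-Options` headers so that API endpoints can be audited alongside HTML pages; the function names and the sample header sets are constructed for illustration.

```javascript
// Added example: classify a response's framing policy from its headers.
const RANK = ['framable', 'allowlist', 'same-origin-only', 'blocked']; // weakest to strictest

function frameAncestors(csp) {
  // Source list of the frame-ancestors directive in one CSP value, or null if absent.
  for (const directive of csp.split(';')) {
    const [name, ...sources] = directive.trim().split(/\s+/);
    if (name.toLowerCase() === 'frame-ancestors') return sources.map((s) => s.toLowerCase());
  }
  return null;
}

function framingVerdict(headers) {
  const h = {}; // lower-cased header name -> array of values
  for (const [k, v] of Object.entries(headers)) h[k.toLowerCase()] = [].concat(v);
  // An enforced frame-ancestors directive replaces X-Frame-Options entirely.
  const verdicts = (h['content-security-policy'] || [])
    .map(frameAncestors)
    .filter((src) => src !== null)
    .map((src) => {
      if (src.length === 0 || src.every((s) => s === "'none'")) return 'blocked';
      if (src.every((s) => s === "'self'")) return 'same-origin-only';
      return src.some((s) => ['*', 'http:', 'https:'].includes(s)) ? 'framable' : 'allowlist';
    });
  // Every policy must allow the frame, so the strictest one decides.
  if (verdicts.length) return verdicts.sort((a, b) => RANK.indexOf(b) - RANK.indexOf(a))[0];
  const xfo = new Set((h['x-frame-options'] || []).join(',').split(',')
    .map((v) => v.trim().toLowerCase()).filter(Boolean));
  const known = ['deny', 'sameorigin', 'allowall'].some((v) => xfo.has(v));
  if (xfo.size > 1) return known ? 'blocked' : 'framable'; // conflicting values
  if (xfo.has('deny')) return 'blocked';
  if (xfo.has('sameorigin')) return 'same-origin-only';
  return 'framable'; // header absent, or ALLOW-FROM / unknown value that browsers ignore
}

function crossOriginFramable(responses) {
  // URLs that a page on another origin could load in a frame.
  return Object.keys(responses).filter((url) => framingVerdict(responses[url]) === 'framable');
}

// Constructed sample headers for the two URLs named in the post.
const before = {
  'http://victim.com/': { 'Content-Type': 'text/html' },
  'http://victim.com/api/user.json': { 'Content-Type': 'application/json' },
};
const after = {
  'http://victim.com/': { 'Content-Security-Policy': "default-src 'self'; frame-ancestors 'none'" },
  'http://victim.com/api/user.json': { 'X-Frame-Options': 'DENY' },
};
console.log(crossOriginFramable(before), crossOriginFramable(after));
```

Either `blocked` or `same-origin-only` stops a page hosted on another origin from framing the response, which is why the header has to be sent on JSON and other non-HTML responses as well.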

~Feedback and edits are welcome~

Security Analyst
