Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

Cannot solve Multistep Clickjacking lab

Karthikeyan | Last updated: Jul 08, 2021 02:44PM UTC

I am trying to solve Multistep clickjacking lab but i cannot. I fell i have given the correct values. Below is the code. Can you please help me on this. <style> iframe { position:relative; width:500px; height: 700px; opacity: 0.0001; z-index: 2; } .firstClick, .secondClick { position:absolute; top:530px; left:50px; z-index: 1; } .secondClick { top:290px; left:210px; } </style> <div class="firstClick">Click me first</div> <div class="secondClick">Click me next</div> <iframe src="https://ac771f501f6911148024277600f90098.web-security-academy.net/my-account"></iframe>

Ben, PortSwigger Agent | Last updated: Jul 09, 2021 10:17AM UTC

Hi, Have you used the 'View exploit' functionality within the Exploit Server in order to check whether the values that you have provided ensure that the 'click me' div elements line up with the buttons that need to be clicked by the victim user? You may need to change the opacity value in order to see and be able to adjust these more easily.

Karthikeyan | Last updated: Jul 12, 2021 04:53AM UTC

Hi, Yes. I have adjusted the pixels in a way that it alligns with the two buttons. I made this by doing the view Exploit and opacity to 0.1 Once everything was perfect, i changed the opacity and the names to click me first and next and delivered the exploit. I tried everything, but i am not sure why the lab is not solved.

Karthikeyan | Last updated: Jul 12, 2021 10:23AM UTC