Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

Cannot solve Multistep Clickjacking lab

Karthikeyan | Last updated: Jul 08, 2021 02:44PM UTC

I am trying to solve Multistep clickjacking lab but i cannot. I fell i have given the correct values. Below is the code. Can you please help me on this. <style> iframe { position:relative; width:500px; height: 700px; opacity: 0.0001; z-index: 2; } .firstClick, .secondClick { position:absolute; top:530px; left:50px; z-index: 1; } .secondClick { top:290px; left:210px; } </style> <div class="firstClick">Click me first</div> <div class="secondClick">Click me next</div> <iframe src="https://ac771f501f6911148024277600f90098.web-security-academy.net/my-account"></iframe>

Ben, PortSwigger Agent | Last updated: Jul 09, 2021 10:17AM UTC

Hi, Have you used the 'View exploit' functionality within the Exploit Server in order to check whether the values that you have provided ensure that the 'click me' div elements line up with the buttons that need to be clicked by the victim user? You may need to change the opacity value in order to see and be able to adjust these more easily.

Karthikeyan | Last updated: Jul 12, 2021 04:53AM UTC

Hi, Yes. I have adjusted the pixels in a way that it alligns with the two buttons. I made this by doing the view Exploit and opacity to 0.1 Once everything was perfect, i changed the opacity and the names to click me first and next and delivered the exploit. I tried everything, but i am not sure why the lab is not solved.

Karthikeyan | Last updated: Jul 12, 2021 10:23AM UTC

Hello, I was able to complete the lab today. Please note, i have not made any changes in the code from the previous. Just submitted. But anyway Thank you for jumping in.

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.