Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

Clickjacking labs

Piotr | Last updated: Mar 20, 2024 10:13AM UTC

Hi I am reporting a problem with the execution of clickjacking exercises. I am using a browser in burp. I perform the exercises according to the solutions. Selecting View exploit I noticed that the browser blocks third-party cookies. I manually added the option to allow cookies and then View exploit displays iframe logged in. Despite the Deliver exploit code prepared correctly, it does not solve the lab. Since the description states that the "victim" uses chrome I wonder if there is blocking on the "victim's" side which results in the inability to solve the exercises.

Ben, PortSwigger Agent | Last updated: Mar 20, 2024 05:22PM UTC

Hi Piotr, Are you able to email us at support@portswigger.net and include some screenshots of exactly what your exploit looks like and what you are seeing when you click the 'View exploit' button in one of the labs so that we can see exactly what you are doing?

Piotr | Last updated: Mar 20, 2024 08:43PM UTC

Hi Ben, Sure will do it.

Piotr | Last updated: Mar 21, 2024 01:17PM UTC

I already sent an email but I know where I was making a mistake. Aside from the problem with third party cookies in the burp browser I forgot to change from test me to click me :) case to be closed.

Ben, PortSwigger Agent | Last updated: Mar 21, 2024 01:26PM UTC

Hi Piotr, I have just this very second replied to your email pointing this out but glad we got there in the end!

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.