Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

Clickjacking labs

Piotr | Last updated: Mar 20, 2024 10:13AM UTC

Hi I am reporting a problem with the execution of clickjacking exercises. I am using a browser in burp. I perform the exercises according to the solutions. Selecting View exploit I noticed that the browser blocks third-party cookies. I manually added the option to allow cookies and then View exploit displays iframe logged in. Despite the Deliver exploit code prepared correctly, it does not solve the lab. Since the description states that the "victim" uses chrome I wonder if there is blocking on the "victim's" side which results in the inability to solve the exercises.

Ben, PortSwigger Agent | Last updated: Mar 20, 2024 05:22PM UTC

Hi Piotr, Are you able to email us at support@portswigger.net and include some screenshots of exactly what your exploit looks like and what you are seeing when you click the 'View exploit' button in one of the labs so that we can see exactly what you are doing?

Piotr | Last updated: Mar 20, 2024 08:43PM UTC

Hi Ben, Sure will do it.

Piotr | Last updated: Mar 21, 2024 01:17PM UTC

I already sent an email but I know where I was making a mistake. Aside from the problem with third party cookies in the burp browser I forgot to change from test me to click me :) case to be closed.

Ben, PortSwigger Agent | Last updated: Mar 21, 2024 01:26PM UTC