1
00:00:01,290 --> 00:00:02,160
Hello, everyone.

2
00:00:03,330 --> 00:00:10,560
So in this video, we are going to see one of the proofs of concept for the clickjacking type of attack.

3
00:00:11,850 --> 00:00:20,280
So in this video, we will see how you can identify if any website is vulnerable to a clickjacking attack,

4
00:00:21,090 --> 00:00:31,080
how you can practically code a clickjacking vulnerability and test for any website if it loads

5
00:00:31,080 --> 00:00:36,570
into your PoC code to confirm the website is vulnerable to clickjacking.

6
00:00:37,170 --> 00:00:38,520
So let's quickly see this.

7
00:00:39,120 --> 00:00:46,080
So here we have taken a live target in which it is an ice cream website.

8
00:00:46,800 --> 00:00:55,200
So I'm going to load this website into one of my PoC codes to confirm if there exists a clickjacking

9
00:00:55,200 --> 00:00:56,010
vulnerability.

10
00:00:57,480 --> 00:01:05,220
So as you can see, I have successfully loaded the target and it is getting loaded over here. Now,

11
00:01:05,700 --> 00:01:07,770
I will copy the URL from here.

12
00:01:08,190 --> 00:01:14,090
And this is the PoC code, which I have saved into my favorite text editor.

13
00:01:14,970 --> 00:01:18,330
You can choose as per your preference, whatever you like.

14
00:01:18,690 --> 00:01:26,880
Also, you can save it into your conventional Notepad or Notepad++ if you have not installed

15
00:01:26,880 --> 00:01:27,470
Sublime.

16
00:01:28,320 --> 00:01:28,950
All right.

17
00:01:29,220 --> 00:01:36,000
Now, quickly, let's understand the code that we have actually written, and we are able to do the

18
00:01:36,000 --> 00:01:36,390
clickjack.

19
00:01:37,650 --> 00:01:44,210
As you can see over here, we have the Clickjack Test page, which is basically the clickjacking attack.

20
00:01:44,700 --> 00:01:48,390
So we have started with the HTML and its close.

21
00:01:48,670 --> 00:01:58,680
This is basically the boilerplate which says that this is an HTML file, then head, title we have given.

22
00:01:59,340 --> 00:02:01,260
We have closed the head, body.

23
00:02:01,590 --> 00:02:08,580
A paragraph that says the website is vulnerable to clickjacking, and the most important part, which is the

24
00:02:08,580 --> 00:02:16,740
iframe. As you can see over here, we have given the iframe src, which is the iframe source of the

25
00:02:16,740 --> 00:02:21,990
website that we want to test on to confirm if it is vulnerable.

26
00:02:22,710 --> 00:02:29,780
And just for the convenience, we have given the width and the height as five hundred and five hundred.

27
00:02:30,540 --> 00:02:35,400
Now you just have to save this particular code with the name,

28
00:02:35,760 --> 00:02:40,190
anything that you want, and extension as .html.

29
00:02:41,130 --> 00:02:46,230
Once you have saved this file, you have to open this with your browser.

30
00:02:46,710 --> 00:02:52,110
So I have saved this with the name as click jack the you dot xhtml.

31
00:02:52,710 --> 00:03:01,830
Now when I open it with the browser, you can see over here I think it's loaded with 500 pixels of height

32
00:03:02,070 --> 00:03:11,340
and 500 pixels of width and the website successfully gets loaded into our iframe, which thus confirms

33
00:03:11,340 --> 00:03:16,200
the existence of the vulnerability on the particular target.

34
00:03:16,740 --> 00:03:20,760
So I hope you guys understood how to do this particular PoC.

35
00:03:20,940 --> 00:03:28,350
It was very quick and pretty simple to identify if any website is vulnerable to the clickjacking attack

36
00:03:28,350 --> 00:03:29,250
through the PoC.

37
00:03:29,670 --> 00:03:30,180
Thank you.