Hi, all! Just want to inform you that I have added a very simple grep plugin [0] for possible ClickJacking [1] attack detection. Tests have also been added [2]. The principle of the check is to look for the X-Frame-Options header in the response. If there is no such header, the URL is vulnerable. The current TODO is to add a cookie check, because in the wild the target of such attacks is an action of an **authorized** user in the vulnerable web application. Comments are welcome! :)
>> 1. ClickJacking & Phishing by mixing layers and iframe
> We can code a grep plugin to detect such flaws.
> Logic is very simple - if the response is text_or_html and has no
> X-Frame-Options header then we can consider such a response
> vulnerable to framing -> ClickJacking [0]. I know about frame breaking
> scripts but, imho, currently this header is the best solution.

[0] http://w3af.svn.sourceforge.net/viewvc/w3af/branches/csrf/plugins/grep/clickJacking.py
[1] https://www.owasp.org/index.php/Clickjacking
[2] w3af.svn.sourceforge.net/viewvc/w3af/branches/csrf/extras/testEnv/webroot/w3af/grep/clickjacking/

-- 
Taras
http://oxdef.info

_______________________________________________
W3af-develop mailing list
W3af-develop@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/w3af-develop
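As an added example (not the plugin's own code from [0]), the check the post describes, written against constructed request/response header dicts, plus the cookie filter the TODO mentions and, going beyond the post, acceptance of CSP frame-ancestors as an equivalent protection. The hostnames and header values are constructed.

```python
from typing import Dict, List, Optional

def get_header(headers: Dict[str, str], name: str) -> Optional[str]:
    """Case-insensitive lookup; HTTP header names are case-insensitive."""
    for key, value in headers.items():
        if key.lower() == name.lower():
            return value
    return None

def is_html(headers: Dict[str, str]) -> bool:
    """True for text/html responses, ignoring charset parameters."""
    ctype = get_header(headers, "Content-Type") or ""
    return ctype.split(";")[0].strip().lower() == "text/html"

def has_framing_protection(headers: Dict[str, str]) -> bool:
    """X-Frame-Options (the post's check) or CSP frame-ancestors (added here)."""
    xfo = (get_header(headers, "X-Frame-Options") or "").strip().upper()
    if xfo in ("DENY", "SAMEORIGIN") or xfo.startswith("ALLOW-FROM"):
        return True
    csp = (get_header(headers, "Content-Security-Policy") or "").lower()
    return "frame-ancestors" in csp

def check_clickjacking(url: str, req: Dict[str, str], resp: Dict[str, str],
                       require_cookie: bool = False) -> Optional[str]:
    """Return a finding for a frameable HTML response, else None. require_cookie
    is the post's TODO: only report exchanges carrying a session cookie."""
    if not is_html(resp) or has_framing_protection(resp):
        return None
    in_session = (get_header(req, "Cookie") is not None
                  or get_header(resp, "Set-Cookie") is not None)
    if require_cookie and not in_session:
        return None
    return f"{url} is frameable: no X-Frame-Options or CSP frame-ancestors"

# Constructed sample exchanges (url, request headers, response headers); not real traffic.
SAMPLES = [
    ("http://example.test/account", {"Cookie": "sid=abc"},
     {"Content-Type": "text/html; charset=utf-8"}),
    ("http://example.test/logo.png", {}, {"Content-Type": "image/png"}),
    ("http://example.test/login", {},
     {"content-type": "text/html", "x-frame-options": "sameorigin"}),
    ("http://example.test/", {}, {"Content-Type": "text/html"}),
]

def scan(require_cookie: bool = False) -> List[str]:
    """Run the check over SAMPLES; with require_cookie only /account is reported."""
    return [f for url, req, resp in SAMPLES
            if (f := check_clickjacking(url, req, resp, require_cookie))]

if __name__ == "__main__":
    print("\n".join(scan()))
```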