Enable X-Frame Options Header To Disable ClickJacking

How To Enable X-Frame Options Header To Disable ClickJacking in Repertoire 8.9 and Above

In this post, I’ll share how to set up an appropriate X-Frame-Options or Content-Security-Policy HTTP header in Repertoire 8.9 and above.

This will prevent attackers from “hijacking” clicks meant for login and stealing their credentials.

In this example, we are using Burp Suite Community Edition and Burp ClickBandit to demonstrate how to identify Clickjacking Vulnerabilities and to configure accordingly.

Step 1: Identify Potential ClickJacking With Burp ClickBandit

1. Visit the page you would like to test.

2. Press F12 to open the web developer console.

3. Open ClickBandit_JavaScript.txt. Copy and paste the codes in the console of your browser.

xFrameImage11365×494 64.2 KB

Step 2: Run The Attack As Instructed

1. Click the start button to start. For testing purposes, we just click anywhere in the page.

xFrameImage21366×657 112 KB

2. Once you are done, click the finish button to end.

xFrameImage31366×657 109 KB

3. Click anywhere in the page to trigger the attack. You should be able to see the message “you’ve been clickjacked”.

xFrameImage41366×657 110 KB

Step 3: Enable X-Frame-Options HTTP Header Field

1. Open ERS2.xml in the Repertoire Server directory. It can be found under the sub folder config.

2. Remove the comment for the following codes from line 172 onwards to this:

<ers:property name=“XFrameOptionFilter”>SAMEORIGIN</ers:property>

<ers:property name=“StrictTransportSecurity”></ers:property>

3. Save the file and restart the server.

Step 4: Execute the Above Sequence Again

1. You should be able to see the following result.

xFrameImage51366×657 76.6 KB

Resource:
https://www.invicti.com/web-vulnerability-scanner/vulnerabilities/missing-x-frame-options-header/
https://portswigger.net/support/using-burp-to-find-clickjacking-vulnerabilities

Clickbandit_JavaScript.txt (30.4 KB)