Question

Often in bug bounty reports, you’ll need to show companies that real attackers could effectively exploit the vulnerability you found. That means you need to understand how attackers can exploit clickjacking bugs in the wild.

在漏洞赏金报告中，通常需要向公司展示真正的攻击者如何有效地利用您发现的漏洞。这意味着您需要了解攻击者如何在现实环境中利用点击劫持漏洞。

Clickjacking vulnerabilities rely on user interaction. For the attack to succeed, the attacker would have to construct a site that is convincing enough for users to click. This usually isn’t difficult, since users don’t often take precautions before clicking web pages. But if you want your attack to become more convincing, check out the Social-Engineer Toolkit ( https://github.com/trustedsec/social-engineer-toolkit/ ). This set of tools can, among other things, help you clone famous websites and use them for malicious purposes. You can then place the iframe on the cloned website.

点击劫持漏洞依赖于用户互动。要使攻击成功，攻击者必须构建一个足够令用户点击的网站。通常情况下这不困难，因为用户在点击网页前通常不会采取预防措施。但如果你想让攻击更具说服力，请查看 Social-Engineer Toolkit（https://github.com/trustedsec/social-engineer-toolkit/）。这套工具可以帮助你复制知名网站并将其用于恶意目的。然后，你可以在复制的网站上放置 iframe。

In my experience, the most effective location in which to place the hidden button is directly on top of a Please Accept That This Site Uses Cookies! pop-up. Users usually click this button to close the window without much thought.

根据我的经验，将隐藏的按钮放置在“请接受本网站使用 Cookies！”弹出窗口正上方的位置是最有效的。用户通常会不假思索地点击此按钮来关闭窗口。