This Clickjacking Bug Was Worth $140 – Here’s How
The author earned a $140 bounty by finding a Clickjacking vulnerability and chaining it with an open redirect. He used clickjacker.io to test the target site's login page for Clickjacking, then wrote HTML code to demonstrate the chained attack, ultimately achieving a malicious redirect. 2025-9-13 07:47:51 Author: infosecwriteups.com

Manav

Hello friends, welcome back!
Today, I’ll be sharing how I discovered a Clickjacking vulnerability and successfully chained it with an open redirect to earn a $140 bounty 💰. It’s a great example of how chaining simple bugs can lead to real impact. Whether you’re new to bug hunting or an experienced hunter, you’re more than welcome here. Let’s dive in! 🔍

What is Clickjacking?

Clickjacking is something many of us in the security space have come across before, but just to keep things clear, let’s quickly revisit what it actually is.

Clickjacking is a trick where users are made to click on something without realizing it, usually by loading a real page inside a hidden or disguised frame, so the user thinks they’re clicking one thing but is actually clicking something else. A page is exposed to this whenever the site lets itself be embedded in a frame on another origin.

“Let’s see how I chained Clickjacking with an Open Redirect.”

STEPS TO REPRODUCE:

1 -> Let’s consider the target as redacted.com. I found the vulnerability on the “Login” page. As I was going through the login process I thought, “Why not test for Clickjacking real quick?” It’s simple, but you never know what might turn up.

2 -> I visited clickjacker.io to test the URL. After confirming the Clickjacking issue, I realized it might not be enough on its own to qualify for a bounty, so I thought I’d chain it with something more impactful.


3 -> I decided to chain it with an Open Redirect, which on its own is usually classified as low or medium severity. I wrote HTML code in a notepad file that combined both vulnerabilities and demonstrated how they could be exploited together.


4 -> Replace the affected URL with: https://example.com.

5 -> Save this as an HTML file and open it in a web browser, then click on “Click here to win the Prize”.

6 -> BOOM!!!! I was redirected to evil.com.

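The two weaknesses chained above each have a simple server-side check. The following is an added example written for this page, not code from the original write-up: `is_framable()` reads response headers the way an anti-clickjacking check does (clickjacker.io loads the page itself; this only inspects headers), and `is_safe_redirect()` validates a login page's redirect target the way the vulnerable page should have. `LOGIN_URL` and all header sets are constructed sample data; redacted.com is the post's own placeholder name.

```python
# Added example, not code from the original write-up: offline checks for the
# two weaknesses the post chains. LOGIN_URL and the header sets are
# constructed sample data; redacted.com is the post's own placeholder name.
from urllib.parse import urljoin, urlparse

LOGIN_URL = "https://redacted.com/login"
ALLOWED_HOSTS = {"redacted.com"}


def is_framable(headers: dict) -> bool:
    """True if any origin may embed the page in a frame (clickjackable)."""
    h = {k.lower(): v for k, v in headers.items()}
    # CSP frame-ancestors takes precedence over X-Frame-Options when present.
    for directive in h.get("content-security-policy", "").split(";"):
        parts = directive.split()
        if parts and parts[0].lower() == "frame-ancestors":
            sources = {s.strip("'").lower() for s in parts[1:]}
            # '*' or a bare scheme lets arbitrary origins frame the page.
            return bool(sources & {"*", "http:", "https:"})
    xfo = h.get("x-frame-options", "").strip().upper()
    # DENY/SAMEORIGIN protect; the obsolete ALLOW-FROM is ignored by modern
    # browsers, so it offers no protection and the page stays framable.
    return xfo not in ("DENY", "SAMEORIGIN")


def is_safe_redirect(target: str, base: str = LOGIN_URL,
                     allowed_hosts: set = ALLOWED_HOSTS) -> bool:
    """Accept only http(s) destinations on an allow-listed host."""
    # Browsers treat '\' like '/' in URLs, so normalise before parsing.
    target = target.replace("\\", "/")
    # Resolving against the site turns '/dashboard' into a same-host URL and
    # turns a protocol-relative '//evil.com' into https://evil.com.
    resolved = urlparse(urljoin(base, target))
    if resolved.scheme not in ("http", "https"):
        return False  # rejects javascript:, data:, etc.
    return resolved.hostname in allowed_hosts


if __name__ == "__main__":
    print("no headers framable:", is_framable({"Content-Type": "text/html"}))
    print("DENY framable:", is_framable({"X-Frame-Options": "DENY"}))
    for t in ["/dashboard", "https://evil.com", "//evil.com",
              "https://redacted.com@evil.com"]:
        print(f"{t!r} safe:", is_safe_redirect(t))
```

A real check would fetch the login page and pass its headers to `is_framable()`; the redirect validator belongs wherever the application reads its `next`/`redirect` parameter.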

📬 Disclosure & Reward

When I reported the bug, my expectations for a reward were not very high. But the team confirmed it and sent a $140 bounty. Not bad for something I discovered just by stumbling around.


Source: https://infosecwriteups.com/this-clickjacking-bug-was-worth-140-heres-how-8da607927f62?source=rss----7b722bfd1b8d--bug_bounty