I reported a self-xss on file uploader input to a bug bounty company and they said that they will only accept it if i can find a good clickjacking exploit for that input. My question is: Is it possible to make a clickjacking proof of concept on a file uploader input? This XSS trigger if i select a file named <script>alert(1)<.pdf as file to upload. Is it possible to make automatically load a file with a custom name inside of an iframed page file uploader input with just few clicks?
Asked
Active
Viewed 222 times
1
Pong
- 71
- 5
-
Why the close vote? Seems like a perfectly good question to me. – Arminius Dec 10 '19 at 17:30
-
no, you cannot pre-populate a file input with JS. you could generate a file with that name to be downloaded, but that's still only half the battle... – dandavis Dec 10 '19 at 21:49
-
@dandavis, So the only way would be to have the victim download the file and then make it re-upload to the victim? I asked if it was possible with js, but what about php/html? – Pong Dec 11 '19 at 00:14
-
it's not possible with anything. – dandavis Dec 11 '19 at 00:33
-
Is that page vulnerable to clickjacking ? – Rahul Dec 11 '19 at 12:01