From 1fcce389a44fa1d97df5562e36316702a8b26746 Mon Sep 17 00:00:00 2001 From: AndrysquiDev Date: Tue, 24 Dec 2024 09:03:38 -0600 Subject: [PATCH] Recoded everything, polished everything, and much more. Now the code has proper indentation, comments describing everything, is no longer dependant of an external file, has URL validation, shows more detail about every found vulnerability, in the case multiple URLs are scanned it makes a summary, and much more. I also fixed a small typo in the README. --- README.md | 2 +- click-j1ck3r.sh | 327 ++++++++++++++++++++++++++++++++++++++++++++++++ clickjack.sh | 145 --------------------- poc.html | 33 ----- 4 files changed, 328 insertions(+), 179 deletions(-) create mode 100755 click-j1ck3r.sh delete mode 100644 clickjack.sh delete mode 100644 poc.html diff --git a/README.md b/README.md index fe14ac1..3f3ed6a 100644 --- a/README.md +++ b/README.md @@ -3,7 +3,7 @@ # Installation - 1. git clone https://https://github.com/machine1337/clickjack + 1. git clone https://github.com/machine1337/clickjack 2. cd clickjack && chmod +x clickjack.sh # Usage diff --git a/click-j1ck3r.sh b/click-j1ck3r.sh new file mode 100755 index 0000000..c49720a --- /dev/null +++ b/click-j1ck3r.sh 
@@ -0,0 +1,327 @@ +#!/bin/bash + +#Coded By Machine404! Don't copy this code without giving me credit~ +#https://instagram.com/invisibleclay100 +#https://twitter.com/whoami4041 +#https://www.youtube.com/channel/UCC_aPnmV_zGfdwktCFE9cPQ + +# Color definitions for output formatting +NC='\033[0m' # No Color +RED='\033[1;38;5;196m' +GREEN='\033[1;38;5;040m' +ORANGE='\033[1;38;5;202m' +BLUE='\033[1;38;5;012m' +BLUE2='\033[1;38;5;032m' +PINK='\033[1;38;5;013m' +GRAY='\033[1;38;5;004m' +NEW='\033[1;38;5;154m' +YELLOW='\033[1;38;5;214m' +CG='\033[1;38;5;087m' +CP='\033[1;38;5;221m' +CPO='\033[1;38;5;205m' +CN='\033[1;38;5;247m' +CNC='\033[1;38;5;051m' + +# HTML PoC template with proper indentation +# Will be populated with the target URL when vulnerability is found +read -r -d '' POC_HTML << 'EOT' + + + ClickJacking POC + + + + + +
+

POC Made By Machine404

+
+ +
+ +
+ + +EOT + +# Display banner with tool information +function banner() { + clear + echo -e ${CP}" ______ _ ___ ____ _ __ _ _ ____ _ _______ ______ #" + echo -e ${CP}" / / ___| | |_ _/ ___| |/ / | / |/ ___| |/ /___ /| _ \ \ #" + echo -e ${CP}" | | | | | | | | | ' /_____ _ | | | | | ' / |_ \| |_) | | #" + echo -e ${CP}" < <| |___| |___ | | |___| . \_____| |_| | | |___| . \ ___) | _ < > > #" + echo -e ${CP}" | |\____|_____|___\____|_|\_\ \___/|_|\____|_|\_\____/|_| \_\ | #" + echo -e ${CP}" \_\ /_/ #" + echo -e ${CNC}" A Simple Tool To Find ClickJacking Vulnerability With POC #" + echo -e ${YELLOW}" Coded By: Machine404 #" + echo -e ${CP}" Follow Me On: ${CPO}Instagram: invisibleclay100 #" + echo -e ${CP}" ${PINK}Twitter: whoami4041 #" + echo -e ${RED}"############################################################################# ${NC} \n " +} + +# Make sure curl is installed +function check_requirements() { + command -v curl >/dev/null 2>&1 || { echo -e "${RED}[!] curl is required but not installed.${NC}"; exit 1; } +} + +# Validate and normalize URL +function validate_url() { + local input_url=$1 + # Validate URL format + if [[ ! $input_url =~ ^https?:// ]]; then + input_url="https://$input_url" + fi + + # Remove trailing slashes + input_url=${input_url%/} + + # Basic domain validation - accepts domain names and IPs + if [[ $input_url =~ ^https?://[a-zA-Z0-9.-]+\.[a-zA-Z]{2,} ]]; then + echo "$input_url" + return 0 + fi + + echo "" + return 1 +} + +# Get valid URL input from user +function get_url_input() { + local url="" + + while true; do + printf "${BLUE}[+] Enter domain name (e.g., example.com or https://example.com): ${NC}" >&2 + read -r url || return 1 + + [[ -z "$url" ]] && { + echo -e "${RED}[!] URL cannot be empty. Please try again.${NC}" + continue + } + + if validated_url=$(validate_url "$url"); then + echo "$validated_url" + return 0 + else + echo -e "${RED}[!] Invalid URL format. 
Please try again.${NC}" + fi + done +} + +# Check single URL for clickjacking vulnerability +function single_url() { + banner + url=$(get_url_input) + + echo -e "${ORANGE}[*] Testing $url for clickjacking vulnerability...${NC}" + + # Validate URL + validated_url=$(validate_url "$url") + if [ -z "$validated_url" ]; then + echo -e "${RED}[!] Error: Invalid URL format${NC}" + return + fi + + # Check if site is accessible + check=$(curl -s -L -A "Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/81.0" \ + --connect-timeout 5 --max-time 10 --head "$validated_url" 2>/dev/null) + + if [ $? -ne 0 ]; then + echo -e "${RED}[!] Error: Could not connect to $url${NC}" + return + fi + + echo -e "${BLUE}[*] Analyzing security headers...${NC}" + + # Check X-Frame-Options header + local is_vulnerable=true + if echo "$check" | grep -iE "X-Frame-Options: (DENY|SAMEORIGIN)" &>/dev/null; then + is_vulnerable=false + echo -e "${RED}[✗] X-Frame-Options header found and properly configured (Protected, Not Vulnerable)${NC}" + elif echo "$check" | grep -i "X-Frame-Options:" &>/dev/null; then + echo -e "${YELLOW}[!] X-Frame-Options header found but may be misconfigured (Potentially Vulnerable)${NC}" + else + echo -e "${GREEN}[✓] No X-Frame-Options header found (Unprotected, Vulnerable)${NC}" + fi + + # Check Content-Security-Policy frame-ancestors + if echo "$check" | grep -i "Content-Security-Policy:" | grep -iE "frame-ancestors\s+(\'none\'|\'self\')" &>/dev/null; then + is_vulnerable=false + echo -e "${RED}[✗] Content-Security-Policy frame-ancestors directive found and properly configured (Protected, Not Vulnerable)${NC}" + elif echo "$check" | grep -i "Content-Security-Policy:" &>/dev/null; then + echo -e "${YELLOW}[!] 
Content-Security-Policy header found but frame-ancestors directive may be missing (Potentially Vulnerable)${NC}" + else + echo -e "${GREEN}[✓] No Content-Security-Policy header found (Unprotected, Vulnerable)${NC}" + fi + + # Check for HTML meta tags (as fallback) + local page_content + page_content=$(curl -s -L -A "Mozilla/5.0" "$url" 2>/dev/null) + if echo "$page_content" | grep -iE "]+http-equiv=[\"']X-Frame-Options[\"'][^>]*>" &>/dev/null; then + echo -e "${YELLOW}[!] X-Frame-Options meta tag found (not as effective as HTTP header, yet potentially protected)${NC}" + fi + + if [ "$is_vulnerable" = true ]; then + echo -e "${GRAY}[!] $url is potentially vulnerable to clickjacking!${NC}" + + # Generate PoC file + echo -e "${BLUE}[*] Generating PoC...${NC}" + poc_filename="clickjacking_poc_$(date +%s).html" + echo "$POC_HTML" | sed "s|TARGET_URL|$url|g" > "$poc_filename" + echo -e "${GREEN}[✓] PoC has been generated as ${poc_filename}${NC}" + echo -e "${YELLOW}[*] Open this file in a browser to test the vulnerability${NC}" + + echo -e "${PINK}\n[?] Would you like to open the PoC right now? (y/n) : ${NC}" + read -r poc_press + if [ "$poc_press" = "y" ] || [ "$poc_press" = "Y" ]; then + open "$poc_filename" &>/dev/null + echo -e "${GREEN}[✓] PoC opened in the default browser${NC}" + fi + else + echo -e "${RED}[✗] $url appears to be protected against clickjacking${NC}" + fi + + echo -e -n "${CP}\n[?] Would you like to go back to main menu? (y/n) : ${NC}" + read -r back_press + if [ "$back_press" = "y" ] || [ "$back_press" = "Y" ]; then + menu + else + echo -e "${GRAY}[!] Exiting...${NC}" + exit 0 + fi +} + +# Check multiple URLs from a file +function mul_url() { + banner + local url_file="" + + while [ -z "$url_file" ] || [ ! -f "$url_file" ]; do + echo -e -n "${CP}\n[+] Enter path to URL list file: ${NC}" + read -r url_file + + if [ -z "$url_file" ]; then + echo -e "${RED}[!] File path cannot be empty. Please try again.${NC}" + elif [ ! 
-f "$url_file" ]; then + echo -e "${RED}[!] File not found: $url_file${NC}" + fi + done + + echo -e "${ORANGE}[*] Testing URLs from $url_file...${NC}" + + summary_file="clickjacking_summary_$(date +%s).txt" + touch "$summary_file" + + while IFS= read -r url; do + url=$(validate_url "$url") + echo -e "\n${BLUE}[*] Testing $url${NC}" + + check=$(curl -s -L -A "Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/81.0" \ + --connect-timeout 5 --max-time 10 --head "$validated_url" 2>/dev/null) + + if [ $? -ne 0 ]; then + echo -e "${RED}[✗] Could not connect to $validated_url${NC}" + echo "[$validated_url] - Connection failed" >> "$summary_file" + continue + fi + + echo -e "${BLUE}[*] Analyzing security headers...${NC}" + + # Check X-Frame-Options header + local is_vulnerable=true + if echo "$check" | grep -iE "X-Frame-Options: (DENY|SAMEORIGIN)" &>/dev/null; then + is_vulnerable=false + echo -e "${RED}[✗] X-Frame-Options header found and properly configured (Protected, Not Vulnerable)${NC}" + elif echo "$check" | grep -i "X-Frame-Options:" &>/dev/null; then + echo -e "${YELLOW}[!] X-Frame-Options header found but may be misconfigured (Potentially Vulnerable)${NC}" + else + echo -e "${GREEN}[✓] No X-Frame-Options header found (Unprotected, Vulnerable)${NC}" + fi + + # Check Content-Security-Policy frame-ancestors + if echo "$check" | grep -i "Content-Security-Policy:" | grep -iE "frame-ancestors\s+(\'none\'|\'self\')" &>/dev/null; then + is_vulnerable=false + echo -e "${RED}[✗] Content-Security-Policy frame-ancestors directive found and properly configured (Protected, Not Vulnerable)${NC}" + elif echo "$check" | grep -i "Content-Security-Policy:" &>/dev/null; then + echo -e "${YELLOW}[!] 
Content-Security-Policy header found but frame-ancestors directive may be missing (Potentially Vulnerable)${NC}" + else + echo -e "${GREEN}[✓] No Content-Security-Policy header found (Unprotected, Vulnerable)${NC}" + fi + + if [ "$is_vulnerable" = true ]; then + echo -e "${GRAY}[!] $validated_url is potentially vulnerable to clickjacking!${NC}" + echo "[$validated_url] - VULNERABLE" >> "$summary_file" + + # Generate PoC for vulnerable sites + poc_filename="$results_dir/poc_$(echo "$validated_url" | sed 's/[^a-zA-Z0-9]/_/g').html" + echo "$POC_HTML" | sed "s|TARGET_URL|$validated_url|g" > "$poc_filename" + echo -e "${GREEN}[✓] PoC has been generated: $poc_filename${NC}" + else + echo -e "${GREEN}[✓] $validated_url is protected${NC}" + echo "[$validated_url] - Protected" >> "$summary_file" + fi + done < "$url_file" + + echo -e -n "${CP}\n[?] Would you like to go back to main menu? (y/n) : ${NC}" + read -r back_press + if [ "$back_press" = "y" ] || [ "$back_press" = "Y" ]; then + menu + else + echo -e "${GRAY}[!] Exiting...${NC}" + exit 0 + fi +} + +# Handle ctrl+c gracefully +trap ctrl_c INT +function ctrl_c() { + echo -e "${RED}\n[!] Ctrl+C pressed. Exiting...${NC}" + exit 1 +} + +# Main menu +function menu() { + banner + + check_requirements + + echo -e "${YELLOW}[1] Scan Single URL${NC}" + echo -e "${BLUE2}[2] Scan Multiple URLs${NC}" + echo -e "${RED}[3] Exit${NC}" + + while true; do + echo -e -n "${CP}\n[+] Select an option: ${NC}" + read -r choice + case $choice in + 1) single_url ;; + 2) mul_url ;; + 3) echo -e "${RED}[!] Exiting...${NC}" ; exit 0 ;; + *) echo -e "${RED}[!] Invalid option. Please try again.${NC}" ;; + esac + done +} + +# Start the script +menu \ No newline at end of file diff --git a/clickjack.sh b/clickjack.sh deleted file mode 100644 index 683ed6a..0000000 --- a/clickjack.sh +++ /dev/null 
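Review bot: In `mul_url` the loop stores the normalised value in `url` (`url=$(validate_url "$url")`), but the `curl --head` call, the summary entries and the PoC `sed` all read `$validated_url`, which this function never assigns. Each list entry is therefore probed with an empty value, or with a stale URL left in the global by an earlier `get_url_input`/`single_url` run, so the summary verdicts do not describe the URLs in the file. `$results_dir` is never defined either, so `poc_filename` expands to a path directly under `/`. Declare `local validated_url`, assign and check in one step with `validated_url=$(validate_url "$url") || { echo "[$url] - Invalid URL" >> "$summary_file"; continue; }`, and set `results_dir` (and `mkdir -p` it) before the loop. Separately, the `validate_url` regex is anchored only at the start, so whatever follows the host in a list-file line is interpolated unescaped into `sed "s|TARGET_URL|$validated_url|g"` and into the generated HTML (the same applies to `$url` in `single_url`); escape `|`, `&` and `\` for sed and HTML-encode the value before writing the PoC.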
@@ -1,145 +0,0 @@ -#!/bin/bash -NC='\033[0m' -RED='\033[1;38;5;196m' -GREEN='\033[1;38;5;040m' -ORANGE='\033[1;38;5;202m' -BLUE='\033[1;38;5;012m' -BLUE2='\033[1;38;5;032m' -PINK='\033[1;38;5;013m' -GRAY='\033[1;38;5;004m' -NEW='\033[1;38;5;154m' -YELLOW='\033[1;38;5;214m' -CG='\033[1;38;5;087m' -CP='\033[1;38;5;221m' -CPO='\033[1;38;5;205m' -CN='\033[1;38;5;247m' -CNC='\033[1;38;5;051m' -#Coded By Machine404! Don't copy this code without giving me credit~ -#https://instagram.com/invisibleclay100 -#https://twitter.com/whoami4041 -#https://www.youtube.com/channel/UCC_aPnmV_zGfdwktCFE9cPQ -function banner(){ -echo -e ${CP}" ______ _ ___ ____ _ __ _ _ ____ _ _______ ______ #" -echo -e ${CP}" / / ___| | |_ _/ ___| |/ / | / |/ ___| |/ /___ /| _ \ \ #" -echo -e ${CP}" | | | | | | | | | ' /_____ _ | | | | | ' / |_ \| |_) | | #" -echo -e ${CP}" < <| |___| |___ | | |___| . \_____| |_| | | |___| . \ ___) | _ < > > #" -echo -e ${CP}" | |\____|_____|___\____|_|\_\ \___/|_|\____|_|\_\____/|_| \_\ | #" -echo -e ${CP}" \_\ /_/ #" -echo -e ${CNC}" A Simple Tool To Find ClickJacking Vulnerability With POC #" -echo -e ${YELLOW}" Coded By: Machine404 #" -echo -e ${CP}" Follow Me On: ${CPO}Instagram: invisibleclay100 #" -echo -e ${CP}" ${PINK}Twitter: whoami4041 #" -echo -e ${RED}"#############################################################################\n " - -} -function single_url(){ -clear -banner -echo -e -n ${BLUE}"\n[+] Enter domain name (e.g http|https://target.com/) : " -read url -check=$(curl -s -H "User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/81.0" --connect-timeout 5 --head $url ) -echo "$check" >> temp.txt -sami=$(cat temp.txt | egrep -w 'X-Frame-Options|Content-Security-Policy|x-frame-options|content-security-policy:' ) - - -if [[ $sami = '' ]]; -then -echo -e -n "\n[ ✔ ] ${NC}$url ${RED}VULNERABLE \n" -sleep 1 -echo -e -n ${BLUE}"\nDo U Want To Open POC In Browser: [y/n]: " -read back_press -if [ $back_press = "y" ]; then -if [ -f 
vuln.html ]; then -#echo -e -n ${RED}"[*] Old Vuln.html File Found! Removing Old File! " -rm vuln.html -fi -if [ -f poc.html ]; -then -cat poc.html | sed "s|vuln|$url|" >> vuln.html -open vuln.html -rm temp.txt - -else - echo -e -n ${RED}"[ X ] POC File Not Found! Exiting" - exit -fi -elif [ $back_press = "n" ]; then -echo -e -n ${CP}"[+] POC Saved As Vuln.html" -rm temp.txt -cat poc.html | sed "s|vuln|$url|" >> vuln.html -sleep 1 - exit - fi - -else - - -echo -e -n ${CP}"\n[ X ] $url ${CG}NOT VULNERABLE " -fi -} - -function mul_url(){ -clear -banner -echo -e -n ${CP}"\n[+] Enter path of lists (e.g http|https://target.com/) : " -read urls -for sanga in $(cat $urls); -do -res=$(curl -s -H "User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/81.0" --connect-timeout 5 --head $sanga ) -echo "$res" >> temp.txt - -sami=$(cat temp.txt | egrep -w 'X-Frame-Options|Content-Security-Policy|x-frame-options|content-security-policy:' ) - -if [[ $sami = '' ]]; -then - - - -echo -e -n ${BLUE2}"\n[ ✔ ] ${CG}$sanga ${RED}VULNERABLE \n" -echo "$sanga" >> vulnerable_urls.txt -else - -echo -e -n ${CP}"\n[ X ] ${NC}$sanga ${YELLOW}NOT VULNERABLE " -fi - -done -rm temp.txt -} -trap ctrl_c INT -ctrl_c() { -clear -echo -e ${RED}"[*] (Ctrl + C ) Detected, Trying To Exit... " -echo -e ${RED}"[*] Stopping Services... " -if [ -f temp.txt ]; then -rm temp.txt -fi -sleep 1 -echo "" -echo -e ${YELLOW}"[*] Thanks For Using CLICK-J1CK3R :)" -exit -} - -menu() -{ -clear -banner -echo -e ${YELLOW}"\n[*] Choose Scanning Type: \n " -echo -e " ${NC}[${CG}"1"${NC}]${CNC} Single Domain Scan" -echo -e " ${NC}[${CG}"2"${NC}]${CNC} Multiple Domains Scan" -echo -e " ${NC}[${CG}"3"${NC}]${CNC} Exit" - -echo -n -e ${YELLOW}"\n[+] Select: " - read redi_play - if [ $redi_play -eq 1 ]; then - single_url - elif [ $redi_play -eq 2 ]; then - mul_url - elif [ $redi_play -eq 3 ]; then - exit - fi -} -menu -#Coded By Machine404! 
Don't copy this code without giving me credit~ -#https://instagram.com/invisibleclay100 -#https://twitter.com/whoami4041 -#https://www.youtube.com/channel/UCC_aPnmV_zGfdwktCFE9cPQ diff --git a/poc.html b/poc.html deleted file mode 100644 index 30b796a..0000000 --- a/poc.html +++ /dev/null @@ -1,33 +0,0 @@ - - - ClickJacking POC - - - - -
-

POC Made By Machine404

-

- - -
- - - -