You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
55 lines
1.2 KiB
55 lines
1.2 KiB
#!/usr/bin/env bash |
|
|
|
# Name of firefox binary |
|
firefox="firefox" |
|
# If firefox developer edition is installed, use that instead |
|
type "firefox-developer-edition" 2>&1 >/dev/null && firefox="firefox-developer-edition" |
|
|
|
# Name of firefox profile to use |
|
# This will need to be a profile that isn't currently open |
|
# I suggest making one for headless use |
|
# go to about:profiles in firefox to create one |
|
profile="headless" |
|
|
|
# Url of site to put in iframe |
|
url="$1" |
|
|
|
# Name of image to make |
|
output="${2:-screenshot.png}" |
|
|
|
source=" |
|
<!DOCTYPE html> |
|
<html> |
|
<head> |
|
<meta charset='UTF-8' /> |
|
<meta name='viewport' content='width=device-width' /> |
|
<title>Clickjacking example</title> |
|
<style type='text/css' media='screen'> |
|
body{ |
|
width: 100vw; |
|
height: 100vh; |
|
border: 2px solid black; |
|
} |
|
iframe{ |
|
border: 3px solid black; |
|
width: 80%; |
|
height: 80%; |
|
margin: 20px auto; |
|
display: block; |
|
} |
|
h1, p{ |
|
text-align: center; |
|
} |
|
</style> |
|
</head> |
|
<body> |
|
<h1>Clickjacking example</h1> |
|
<iframe src='$url'> |
|
</iframe> |
|
<p>If content is rendered above, the site is vulnerable to clickjacking</p> |
|
</body> |
|
</html> |
|
" |
|
|
|
|
|
$firefox -P "$profile" --screenshot "$output" "data:text/html;base64,$(echo "$source" | base64 -w 0)"
|
|
|