-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathclickjacker.py
28 lines (16 loc) · 958 Bytes
/
clickjacker.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
#!/usr/python3
import subprocess
import os
if os.path.exists("curl_output"):
os.remove("curl_output") # Checking if the file exists
command = "read target; curl -I $target > curl_output" # Defining the command to run
output = subprocess.check_output(command, shell=True) # Running the command and retrieving the output
print(output.decode(), "\n") # Decoding the output to a string and printing it
with open('curl_output', 'r') as file:
# Read the contents of the file into a string
contents = file.read()
# Check if any of the strings are present in the contents
if "Strict-Transport-Security" not in contents and "Content-Security-Policy" not in contents and "X-Frame-Options" not in contents and "X-Content-Type-Options" not in contents and "Referrer-Policy" not in contents and "Permissions-Policy" not in contents:
print("\nVulnerable to Clickjacking!!!!!!")
else:
print("Not Vulnerable")