Y
Hacker News
new
|
ask
|
show
|
jobs
by
joev_
4291 days ago
Actually X-Frame-Options does not save you here. There is a BYPASS_XFO datastore option in the module that turns this into a one-click exploit. This allows the attack to work against sites with the XFO header.
1 comments
steakejjs
4291 days ago
Absolutely critical to know. Thanks joev_. I see that now after reading the msfmodule. This is a good one!
link