Saturday, December 5, 2009

Clickjacking: Starting Point.

Hello folks,
According to Wikipedia, clickjacking is a malicious technique of tricking Web users into revealing confidential information or taking control of their computer while clicking on seemingly innocuous Web pages. A vulnerability across a variety of browsers and platforms, clickjacking takes the form of embedded code or script that can execute without the user's knowledge, such as clicking on a button that appears to perform another function.
The term "clickjacking" was coined by Jeremiah Grossman and Robert Hansen in 2008. The exploit is also known as UI redressing.

If you're interested in new advanced clickjacking techniques, I wanna point out this nice paper ( :D ) titled "Frightened by Links", where you can find a couple of examples including code and images. To me, it's a good starting point. Let me know what you think about it.

