You know what Clickjacking ?


Hello friend. How are you?
At last boring exam is close :p Today i will show you one of the most common cyber threat ClickJacking how to works and what problem do you feel everyday. Lets see,




ClickJacking is web application vulnerability. This is called user-interface , UI redressing and IFRAME overlay. Those who heard the new name may have thought that it might not be a big mistake in any wrongdoing. If you thoughts that its a simple attack , i think your thoughts is wrong.A picture below is given to you to understand, well notice.


A clickJacking is a form of embedded code or script that can execute without the user's knowldge.
Such as clicking an like button , like , add extension  etc ,that appears to perform another function.  You see this . It's seen here asked to play this video. You think the video will be seen by clicking here. You thoughts are wrong. If we look at the above chip, we can see that this is a server written above [ warring !! The content your are about to view may be inappropiate some user, It may contain shocking graphics , nudity or disrespect other individuals. To view this content ,please verify that you are 18 or older by pressing confirm button below]
A little bellow is two click option Confirm and other Cancel. Whenever a Victim presses the Confirm button, then just ask for permissions for downloading a file. Now if Victim gives permission for that file, then the file will start downloading and a Victim can not imagine how big a trap he really is. And what the file can do to harm it.



The figure above show up that asked to play this video. Attacker hide a exploit behind this button so you cannot see it. When you click, you will be taken to attacker web page and tell you to add extension or install file . A picture below is given to you to understand,


Add extension means that giving permission to attacker an embedded code or scripting is hidden behind the extension . When you add extension then the infection begins start.
The picture below shows a script that is written here and this script is created for the Facebook Like Button. It has created thousands of scripts like hackers, and I have given the image as an example.

Lets see another example . Suppose you browsing website , sudden you saw a page that there is something written in this page like as Are you 18+ ??  Suppose here has a option like as Yess i'm under 18+ and No i'm not 18+. Most of the time its happen when you visit porn site :p 
Click this button that Yes i'm under 18+ mean that you give permission to attacker :D
You want to continue the presence on that server but you did not do a backlink or a source view that actually did you click on that click.  You click here but you don't understand what will be happen next time. Automatically web cam will be open and all your video will be passed in the way.
Its also depended on program . Everything will be happen but we don't understand.By


The last one would like to talk The person who encourages me on my way , 
he is Delwar alam brother. 

Comments