Hi folks,
yet another quick ‘n dirty post on ClickJacking attempts, for my personal memories. If you are interested in ClickJacking techniques, I strongly suggest this reading (Frightened by Links, Franco Callegati and Marco Ramilli).
The following image describes another great ClickJacking attempt found at http://japan20111.tk.

As you can see, a little iframe is loaded in the top left corner ;). It includes a main.php (which unfortunately has now been removed) which is (was) able to load uncontrolled content. The front-end represents a YouTube page (http://japan20111.tk/widget.php).

And an external JavaScript is loaded.

Easy, but effective, like every ClickJacking attempt is… For a more complete ClickJacking analysis: here and here
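
For anyone reviewing pages for this pattern, here is an added example (not code from the original post or from the analysed site) that flags iframes which are very small, near-transparent or absolutely positioned, as the little top-left frame described above was. The thresholds, the `audit` helper and the sample markup are assumptions constructed for illustration.

```python
import re
from html.parser import HTMLParser

MAX_SIDE = 50       # assumed threshold in px; tune for your own pages
MIN_OPACITY = 0.1   # assumed threshold; below this a frame is effectively invisible

def _px(value):
    """Return an absolute pixel length as int, or None (missing, %, auto...)."""
    m = re.fullmatch(r"\s*(\d+)(?:px)?\s*", value or "")
    return int(m.group(1)) if m else None

def _inline_css(style):
    """Split an inline style attribute into a {property: value} dict."""
    pairs = (d.split(":", 1) for d in (style or "").split(";") if ":" in d)
    return {k.strip().lower(): v.strip().lower() for k, v in pairs}

class IframeAudit(HTMLParser):
    def __init__(self):
        super().__init__()
        self.findings = []  # (src, [reasons]) for each suspicious iframe

    def handle_starttag(self, tag, attrs):
        if tag != "iframe":
            return
        a = dict(attrs)
        css = _inline_css(a.get("style"))
        reasons = []
        # Inline CSS takes precedence over the width/height attributes.
        w = _px(css.get("width", a.get("width")))
        h = _px(css.get("height", a.get("height")))
        if any(s is not None and s <= MAX_SIDE for s in (w, h)):
            reasons.append(f"tiny ({w}x{h})")
        try:
            if float(css.get("opacity", "1")) < MIN_OPACITY:
                reasons.append("near-transparent")
        except ValueError:
            pass  # non-numeric opacity value: nothing to compare
        if css.get("position") in ("absolute", "fixed"):
            reasons.append(f"positioned ({css['position']})")
        if reasons:
            self.findings.append((a.get("src"), reasons))

def audit(html):
    """Return the list of suspicious iframes found in an HTML string."""
    parser = IframeAudit()
    parser.feed(html)
    return parser.findings

# Constructed sample: one small top-left frame, one ordinary video embed.
SAMPLE = """<html><body>
<iframe src="main.php" width="10" height="10"
        style="position:absolute; top:0; left:0; border:0"></iframe>
<iframe src="https://video.example/embed/1" width="640" height="360"></iframe>
</body></html>"""
```

This only inspects inline attributes and styles; frames sized or hidden through external stylesheets or script need a rendered-DOM check instead.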
