What is Clickjacking? | Security Learner's Blog

Wednesday, 28 May 2014

What is Clickjacking?

A clickjacking attack allows an attacker to perform an action on a victim website; Facebook and Twitter accounts are the most common targets. It occurs when an attacker uses multiple transparent or opaque layers to trick a user into clicking on a button or link on another page when they were intending to click on the top-level page. Thus, the attacker is "hijacking" clicks meant for their page and routing them to another page, most likely owned by another application, domain, or both. It may be similar to a Cross-Site Request Forgery (CSRF) attack.

Clickjacking is a term first introduced by Jeremiah Grossman and Robert Hansen in 2008 to describe a technique whereby an attacker tricks a user into performing certain actions on a website by hiding clickable elements inside an invisible iframe.

Using a similar technique, keystrokes can also be hijacked. With a carefully crafted combination of stylesheets, iframes, and text boxes, a user can be led to believe they are typing in the password to their email or bank account, but are instead typing into an invisible frame controlled by the attacker.

At present this attack is mostly used on social network websites like Facebook and Twitter, because the attack relies on convincing the victim to click on a link, and social network websites can be very useful for that.


I am Fida Hussain, a computer student from Pakistan. Right from the day I was introduced to computers, I had a passion for hacking and information security. So, I started this blog in 2012 to share my views and ideas with the world.

