
Meow's CyberAttack - Application/Server Attacks - Hijacking - Clickjacking

book: S+ 7th ch9




Clickjacking

  • An attacker uses multiple transparent or opaque layers

  • to trick a user into clicking a button or link on another page when they intended to click on the top-level page.

  • When a user thinks they are clicking on the link, they are actually activating an invisible button that leads to a completely different site,
    • which often then asks for information that the miscreant collects for future malevolent purposes.
  • Most clickjacking attacks use Hypertext Markup Language (HTML) frames.
    • A frame allows one web page to display another web page within an area defined as a frame or iframe.

Prevention

Web developers implement new standards to defeat clickjacking attacks.

  • Most methods focus on breaking or disabling frames.
  • This ensures that attackers cannot display your web page within a frame on their web page.

Example

  • The Facebook share example is thwarted by Facebook web developers adding code to their web pages that prevents the use of frames.
This post is licensed under CC BY 4.0 by the author.
