I've read that clickjacking is a browser security issue. How do the hackers manage to overlay their transparent frames/pages over legitimate pages/frames? Does it require them to hack into the target server (e.g. bank's web site) and place the bad stuff there or does the browser user inadvertently pick up the bad stuff at a third party site and it is activated when the user browses the right page on the target server?
Thank you.
Newbie Clickjacking question
Re: Newbie Clickjacking question
Suppose it need not be a "legitimate" site that gets hacked.
It could simply be some "bad" site that you visit.
Or from some link you clicked/followed.
Or email...
Specific as to how it might get on a particular site, not sure?
How Clickjacking Works
Re: Newbie Clickjacking question
The short answer is: you have it backwards. The attacker doesn't put their site on top of the legitimate one. They put the legitimate one - invisibly - on top of their own. You think you're clicking on the attacker's cat videos, but on top of them is the Amazon 'Buy it now' button. The attacker can do this, because they're allowed to open pages from other sites in a frame.
======
Thrawn
------------
Religion is not the opium of the masses. Daily life is the opium of the masses.
True religion, which dares to acknowledge death and challenge the way we live, is an attempt to wake up.
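As an added example (not code from this thread or from NoScript), here is a small JavaScript check of the property the reply above describes: whether a page's response headers let another origin load it in a frame. It parses the two server-side defences, X-Frame-Options and the CSP frame-ancestors directive, against constructed sample headers; origins such as bank.example are assumed for illustration, and the CSP matching is simplified to exact origins.

```javascript
// Return the source list of a CSP frame-ancestors directive, or null if absent.
function parseFrameAncestors(csp) {
  if (!csp) return null;
  for (const directive of csp.split(';')) {
    const parts = directive.trim().split(/\s+/);
    if (parts[0].toLowerCase() === 'frame-ancestors') {
      return parts.slice(1).map((s) => s.toLowerCase());
    }
  }
  return null;
}

// headers: lower-cased header name -> value, as a server would send them.
// framerOrigin: origin of the page trying to embed ours; selfOrigin: ours.
// Returns true when a browser honouring these headers would allow the frame.
function canBeFramedBy(headers, framerOrigin, selfOrigin) {
  const fa = parseFrameAncestors(headers['content-security-policy']);
  if (fa) {
    // When both headers are present, browsers apply frame-ancestors and
    // ignore X-Frame-Options.
    if (fa.includes("'none'")) return false;
    if (fa.includes("'self'") && framerOrigin === selfOrigin) return true;
    if (fa.includes('*')) return true;
    // Simplified: exact origin match only (real CSP also allows scheme-only
    // sources and wildcard host patterns).
    return fa.some((src) => src === framerOrigin);
  }
  const xfo = (headers['x-frame-options'] || '').trim().toUpperCase();
  if (xfo === 'DENY') return false;
  if (xfo === 'SAMEORIGIN') return framerOrigin === selfOrigin;
  return true; // neither header set: any site can frame this page
}

// The headers a site should send so that its pages cannot be framed at all.
function protectiveHeaders() {
  return {
    'x-frame-options': 'DENY',
    'content-security-policy': "frame-ancestors 'none'",
  };
}

// Constructed sample: an unprotected page versus the protected variant.
const attacker = 'https://attacker.example';
const bank = 'https://bank.example';
console.log('no headers, framed by attacker:', canBeFramedBy({}, attacker, bank));
console.log('protected, framed by attacker:',
  canBeFramedBy(protectiveHeaders(), attacker, bank));
```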
Re: Newbie Clickjacking question
Thank you both for responding. The reason I'm asking is because NoScript has detected a clickjacking attack on a bill pay page at an online bank I use. Flipping back and forth between the images shows different parts of what appears to be the same page. I'm careful to ensure I specify the right link and use https to access the bank. The behavior seems intermittent. Sometimes it happens, sometimes not. When it does, I clear my browser cache. Any thoughts about how I should investigate this further?
Thanks for your help.
Re: Newbie Clickjacking question
Oh.. then sorry for moving this to Web Tech, I wasn't clear your question had anything to do with NoScript.

m5W9xC wrote:
The reason I'm asking is because NoScript has detected a clickjacking attack on a bill pay page at an online bank I use.
I'll put it back in NS General in a moment...
Well there are a couple things you can do next time it happens:

m5W9xC wrote:
I'm careful to ensure I specify the right link and use https to access the bank. The behavior seems intermittent. Sometimes it happens, sometimes not. When it does, I clear my browser cache. Any thoughts about how I should investigate this further?
1) Report it and post here the report ID, and wait for Giorgio to look at it
2) Also, check the Browser Console (Ctrl-Shift-J) for NoScript related messages (especially anything to do with ClearClick) and post those here as well (note that the URLs may contain sensitive information about you if you are logged in when this happens; it should be fine to post the URLs with those parts censored)
*Always* check the changelogs BEFORE updating that important software!