We've all seen those scummy adverts designed to look like Windows pop-ups. They usually pose as a legitimate system request - "Update Java" or similar.
Suppose a malicious web page pops up a fake system notification and vibrates at the same time. How confident would you be of telling the difference between a legitimate pop-up and a .png on the web page you're viewing. After all, the phone buzzed - so it must be genuine.
This is a proof of concept with minimal html interface to test api support on your device...
Try demo: http://gautamkrishnar.github.io/HTML5-Vibrate-API-Exploit
Just open the demo page in your mobile device:
Type the desired value in seconds and click vibrate now button. You can stop vibration by taping stop vibration button.
You can use HTML5 Vibrate API for creating realisting phishing pages. At the moment, accessing the HTML5 Vibrate API doesn't trigger an on-screen warning.
I am not sure about it. Please help me out by creating a new pull request. Currently supported browsers are:
- Firefox for android
- BB10 Browser
- Google Chrome Beta for Android
Feel free to modify the code and create whatever you want...
Star this repo and spread the word... 👍