Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Clickjacking demos prepared for DevCon2011

tree: 393bc4829c

Fetching latest commit…

Cannot retrieve the latest commit at this time

README
These are the demos prepared for my session on clickjacking - "It is this easy to steal your click!" for DevCon 2011 (http://mugh.net/devcon/Agenda.html), Microsoft Hyd. Slides can be found here: http://www.slideshare.net/novogeek/clickjacking-devcon2011

Regarding the code, the files attack0-3.htm contains iframes which point to a genuine webpage (e.g., like the one located in "Genuine" directory). Make sure the url in iframe is right and demo should work perfectly. 

The genuine webpage has a vote button (The idea is to mimic facebook like button). It increments vote count on every click, stores the value in session and displays it on screen. We will frame this genuine page and trick the user to click the vote button. Vote count displayed on screen will show that the button is clicked. 

Live demo at: http://labs.novogeek.com/DevCon2011/clickjack/ 

I have written a jQuery plugin (js/clickjack.js) to ease clickjacking ;) It just accepts a URL to be iframed and puts the target page under the cursor! Yay!!
Something went wrong with that request. Please try again.