Clickjacking (bWAPP)
Clickjacking was a prevalent attack method a few years ago that was notable for its use across Facebook, Twitter, Amazon, and other prominent sites. In all of these attacks, hackers tricked users into clicking on a masqueraded or hidden link to launch a malicious page or script. Simple HTML was capable of providing an overlapping iFrame or other mechanism whose presence was not clear to the user, and hackers could use this to overlay a button on top of a legitimate site component such that, when they thought they were clicking on a control, they were instead clicking on a malicious action, often to facilitate capture of their credentials, cookie stealing, or even hooking of the browser. These techniques have been addressed ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access