The Net of Worms – ClickJacking Delivered Worm

When talking about ClickJacking, people first think of how to use it to hijack a webcam or microphone. Let's forget about webcam jacking this time. I've been thinking about how to use iFrame redressing (ClickJacking) techniques to exploit web application security. Finally my mind landed on one word: 'Worm'.

Just like the Click-Jacking style Joomla CMS hijacking, CSRF and automation are needed to infect blogs, CMSes, forums, etc. Possible? Yes indeed!

Scenario:

  • Victim logs in to his/her blog and does not sign out.
  • Victim visits a malicious site with Click-Jacking; any click there will trigger a CSRF attack that attempts to insert a script into the victim's blog theme (just like the WordPress Theme Editor).
  • The script will generate an iFrame containing Click-Jacking.
  • Now the victim's blog becomes a zombie that will attempt to infect the blogs of all its visitors.

Isn’t it lovely? Just a thought . . .

Click-jacking on Joomla Powered Site Video PoC

Here is the Click-jacking proof-of-concept video I made. In the video, I show how to pwn or hack a Joomla powered site using click-jacking.

How it works:

- First, a victim logged in to his Joomla powered site's Administration Control Panel

- He didn't log out from the service

- He visited a malicious site

- He clicked on something (anything on the page)

- By the time he clicked, his Joomla powered site password had been changed without his noticing
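
Both the worm scenario and the Joomla steps above depend on two preconditions: the logged-in admin page renders inside a third-party frame, and the session cookie still travels with it. The following is an added example, not code from the original post, that audits a response's headers for those two gaps; the function names and the sample header sets are constructed for illustration.

```javascript
// Added example: audit an admin page's response headers for the framing
// defences that break the scenario above. Header sets are constructed samples.

// Return the frame-ancestors source list from a CSP header value, or null if absent.
function frameAncestors(csp) {
  for (const directive of (csp || '').split(';')) {
    const [name, ...sources] = directive.trim().split(/\s+/);
    if (name.toLowerCase() === 'frame-ancestors') return sources.map(s => s.toLowerCase());
  }
  return null;
}

// Return a list of findings; an empty list means no framing gap was detected.
function auditFraming(headers) {
  const h = {};
  for (const [k, v] of Object.entries(headers)) h[k.toLowerCase()] = v;
  const findings = [];
  const fa = frameAncestors(h['content-security-policy']);
  const xfo = String(h['x-frame-options'] || '').trim().toLowerCase();
  if (fa !== null) {
    // Browsers that support frame-ancestors ignore X-Frame-Options when it is present.
    if (fa.some(s => s === '*' || /^https?:$/.test(s)))
      findings.push('frame-ancestors allows arbitrary origins');
  } else if (xfo !== 'deny' && xfo !== 'sameorigin') {
    // ALLOW-FROM is obsolete and not honoured by current browsers.
    findings.push('no effective X-Frame-Options or frame-ancestors');
  }
  // Without SameSite=Lax/Strict the session cookie may accompany requests
  // made from inside a cross-site frame.
  for (const cookie of [].concat(h['set-cookie'] || [])) {
    const m = /;\s*samesite=(\w+)/i.exec(cookie);
    const mode = m ? m[1].toLowerCase() : 'unset';
    if (mode !== 'lax' && mode !== 'strict')
      findings.push(`cookie ${cookie.split('=')[0].trim()} has SameSite=${mode}`);
  }
  return findings;
}

// Constructed sample: an admin panel response with no framing protection.
const SAMPLE_FRAMEABLE = { 'Content-Type': 'text/html',
  'Set-Cookie': ['session=abc123; Path=/; HttpOnly'] };
// Constructed sample: the same response with the corrected headers.
const SAMPLE_HARDENED = {
  'Content-Security-Policy': "default-src 'self'; frame-ancestors 'none'",
  'X-Frame-Options': 'DENY',
  'Set-Cookie': ['session=abc123; Path=/; HttpOnly; Secure; SameSite=Strict'] };

console.log(auditFraming(SAMPLE_FRAMEABLE));
console.log(auditFraming(SAMPLE_HARDENED));
```

An admin page that returns an empty findings list cannot be loaded in the malicious site's iFrame, so the click in the scenario never reaches it.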
