Using JS to Steal Facebook Likes Claim your FREE iPad - - PowerPoint PPT Presentation

▶

Oct 15, 2022 226 likes •379 views

Using JS to Steal Facebook Likes Claim your FREE iPad Bait-and-switch Note: many of these attacks are similar to TOCTTOU (Time of Check to Time of Use) vulnerabilities From Clickjacking: Attacks and Defenses , by Lin-Shung Huang et al,

SLIDE 1

SLIDE 2

From Clickjacking: Attacks and Defenses, by Lin-Shung Huang et al, Carnegie Mellon University / Microsoft Research

Using JS to Steal Facebook Likes

Bait-and-switch
Note: many of these attacks are similar to

TOCTTOU (Time of Check to Time of Use) vulnerabilities

Claim your FREE iPad

SLIDE 3

From Clickjacking: Attacks and Defenses, by Lin-Shung Huang et al, Carnegie Mellon University / Microsoft Research

Compromise visual integrity – target

Hiding the target
Partial overlays

Click

$0.15 $0.15

SLIDE 4

From Clickjacking: Attacks and Defenses, by Lin-Shung Huang et al, Carnegie Mellon University / Microsoft Research

Clickjacking to Access the User’s Webcam

Fake cursor

Real cursor

SLIDE 5

SLIDE 6

SLIDE 7

SLIDE 8

SLIDE 9

SLIDE 10

SLIDE 11

SLIDE 12

SLIDE 13

SLIDE 14