Friday, August 31, 2012

Iframe - Malicious Code Execution By Chintan_FrOgy_Gurjar


Description:
As we all know that the iFrame and Script are the HTML tags. But Now a days hackers are using iFrame and its internal attributes like Height Width and Frameborder more. Typically iFrame allows a developer to embed the content of one page to the another page. Calling one page's content to other page and showing there. Means A developer can call multiple page's content to show all in one page.

But the cyber criminals has found the exploit this functionality in order to run their malicious code to the client side.Hackers are using more iFrames as well as the Script command to execute javascripts as well as other malicious scripts to the client side through their websites. This type of attack is also called as Drive-By Attack. This type of attack is allowing hackers to run their code invisibly as well as silently.

Know More about iFrame for HTML5 -
http://www.w3schools.com/html5/tag_iframe.asp

Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.

Original Source: http://www.youtube.com/watch?v=kFr7u9sl0xY

No comments:

Post a Comment