Clickjacking for spying?

Well we discussed an overview about click-jacking previously. This time on same lines, a researcher has given a PoC about how can clickjacking be used to hack into victim’s audio and video device (webcam). Well this time GuyA.Net’s PoC preys on Adobe’s Flash Player Setting Manager.

He blogged:that “I’ve written a quick and dirty Javascript game that exploit[s] just that, and demonstrate[s] how an attacker can get… hold of the user’s camera and microphone. This can be used, for example, with platforms like ustream, justin and alike, or to stream to a private server to create a malicious surveillance platform”. The exploit essentially turns the browser into a “surveillance zombie,” he added.

Similar Posts you might be interested in:

Share and Enjoy:
  • Digg
  • Sphinn
  • del.icio.us
  • Facebook
  • Mixx
  • Google Bookmarks
  • LinkedIn
  • MySpace

categories Uncategorized | w0lf | October 9, 2008

categories

One Response to “Clickjacking for spying?”

  1. w0lf says:
    October 9, 2008 at 1:25 am

    A video uploaded in youtube that demonstrates the working PoC of Cam-clickjacking

    http://in.youtube.com/watch?v=gxyLbpldmuU

Leave a Reply