Clickjacking for spying?
Well we discussed an overview about click-jacking previously. This time on same lines, a researcher has given a PoC about how can clickjacking be used to hack into victim’s audio and video device (webcam). Well this time GuyA.Net’s PoC preys on Adobe’s Flash Player Setting Manager.
He blogged:that “I’ve written a quick and dirty Javascript game that exploit[s] just that, and demonstrate[s] how an attacker can get… hold of the user’s camera and microphone. This can be used, for example, with platforms like ustream, justin and alike, or to stream to a private server to create a malicious surveillance platform”. The exploit essentially turns the browser into a “surveillance zombie,” he added.
Similar Posts you might be interested in:
Uncategorized | w0lf | October 9, 2008
A video uploaded in youtube that demonstrates the working PoC of Cam-clickjacking
http://in.youtube.com/watch?v=gxyLbpldmuU