Facebook Clickjacking Scripts Hijacking Facebook Users

In the following post Hijacking Facebook Users With Clickjacking our guest author gave a detailed explanation about the idea behind clickhijacking attack. Therefore in this post we will not talk or explain the mechanism behind clickhijacking attack. The goal and moto of this post is to let you know how abusive this attack has been since past recent months.

So for those of you who don't know Clickjacking is?, it is a method of hijacking a users click in tricking him to click in to clicking some thing else. In the past Clickhijacking was used to hijack users click in to clicking on advertisements and make revenue.

Here is an example of a wordpress clickhijacking script that costs about 15$, that would trick the users into clicking ads without annoying them.

However now a days clickjacking is being used for tricking users in to liking a facebook page. As you might know that due to panda effect internet marketers are seen to be more focused on social media promotion. Therefore clickjacking scripts provid lots and lots of benefits to people who tend to use black hat SEO for promotion of the website and facebook pages.

But what makes this even worse is the people distributing the clickjacking scripts for free or selling it. Recently I came across dozens of forums selling clickjacking scritps on a very cheap rate.

Here are some of the screen shots which I took recently:

Demonstration

In order to demonstrate how clickjacking works, I setup a page on my free hosting account embedded with clickjacking script that would trick the users into liking the following page on clicking:

Here is the screenshot of the page where I installed Clickjacking script. (I took the script from an online forum and then modified it to meet my needs). The infected page stated the following:

On clicking the click here to download your FreeToSell Package link the script was initiated which automatically liked the voteformypic page.

By now you might have understood the whole idea behind the clickjacking attack. However if you would like to see more detailed analysis, I would recommend you to check the following post Hijacking Facebook Users With Clickjacking

Note: We have not shared the link to the infected page in order to prevent any misuse, However if you are really interested in testing the attack for your self kindly leave an email to rafayhackingarticles@gmail.com.

Subscribe to our Newsletter and receive updates directly via email - Get Ethical hacking and security tips directly to your inbox. Alternatively you can Join our Hackers Community on Facebook, Google+ and Twitter.

Kindly Bookmark it and Share it with Friends:

9 comments:

Gazzaly on June 14, 2012 at 12:59 AM said...: Wow! another Rafay Class article :)
Thank you! Gonna share this in ma Blog with Credits
BTW welcome Back just roCk it Bhaiii

Regards
M.Gazzaly
(gazzaly.info)
Rafay Baloch on June 14, 2012 at 10:04 AM said...: @Gazzaly
Thanks brother, You have been one of top commentators of this blog and have been very supportive.
hanzla habib on June 14, 2012 at 9:16 PM said...: hey i really like your blog but cant understand !!! :P
Gazzaly on June 14, 2012 at 11:27 PM said...: you Warmly welcome my Dear Bro!!

Regards
M.Gazzaly
(gazzaly.info)
Anonymous said...: really interesting script..

but sir how can i use it for affiliate selling?

please send me code which we can use it for affiliate selling
( niki23798 (at) yahoo (dot)com )
Sk on June 25, 2012 at 10:28 AM said...: Great article!
manish bhattacharya on June 28, 2012 at 8:58 PM said...: thanks for such great study material for newbies like me
Content management system on July 7, 2012 at 12:38 PM said...: hello!! Very interesting discussion glad that I came across such informative post. Keep up the good work friend. Glad to be part of your net community.
dsdd on July 23, 2012 at 5:14 PM said...: I want to talk with u raffa