
Click jacking alert [false] on product registration attempt


2 replies to this topic

#1 MaryBet82


Posted 01 July 2011 - 01:48 PM

Mac OS 10.6.8, Firefox 5.0 w/ noscript 2.1.2rc0

I was trying to register my Wacom tablet and when I got to the webpage where I enter my email address & name & address I got a clickjacking alert from NoScript - specifically when I clicked the email box. When I clicked on the image in the alert box that is supposed to show you the hidden image it looked like it was showing me the top border of the page as the hidden image. Since I was just seeing another part of the web page already visible I figured this was most likely a false alert. I called Wacom anyway and asked.

I don't know enough about web page setup to know what could cause a false alert and I'm not sure what I would see if the alert was showing me a clickjack element. Would I see a Send button or a Donate button? From what I read on the NoScript page it sounds like clickjacking would require going to an evil webpage and wouldn't happen due to a security breach at a legitimate site. Is that correct?
mac 10.6 on macbook pro
WinXP sp2 on Dell 380 w/ 512 MB RAM- currently dead in the water
WinXP tab ed sp 3 on Thinkpad X41 w/ 1.5 GB RAM - lemony flavored
Win2K Sp4 on Sony VAIO GXR600 w/ 512 MB RAM - currently blue screening



#2 computerxpds


Posted 03 July 2011 - 11:48 AM

Now don't quote me on this, but I believe that clickjacking is where a page has an invisible overlay-like link across either the whole page or multiple ones across various points on the page. Most of the time, yes, it is used for malware distribution, i.e. you click any area on the site then it opens a new page to a bad website, but it is also sometimes used for advertising, i.e. you click on a video and it opens a new site or an ad site. But that was most likely a false alert from NoScript. I'm guessing that Wacom said nothing was wrong?

#3 MaryBet82


Posted 05 July 2011 - 11:06 PM

My understanding of clickjacking is that there are elements - like send buttons - that you don't see under a layer of a web page that you do see - or the other way around. Wikipedia describes it as loading a page in a transparent layer over another page. So you think you are clicking one thing and actually you're clicking another. I can't figure out how one can be tricked into revealing confidential info from the descriptions I've read. That was my concern at the Wacom web site - did the alert mean Wacom's registration page had been compromised and if I typed in my email & name & address it would go somewhere other than just Wacom. I know reputable sites get hacked but I don't know if reputable sites can have a clickjacking page loaded over their legitimate page.

Wacom's tech just said their web page was secure - that the alert must have been a false positive.

From what I'd read before, I thought clickjacking happened when you followed a bad link to an evil web page. How exactly invisible buttons stole info or took over your computer had something to do w/ browser/OS services/programs/permissions interactions, Flash, & a confused deputy. I.e., I had no idea. Then I read something that made me wonder if clickjacking could be added to a legitimate web page.

If I get another clickjack warning I'd like to be able to figure out if it's likely real or likely not.
mac 10.6 on macbook pro
WinXP sp2 on Dell 380 w/ 512 MB RAM- currently dead in the water
WinXP tab ed sp 3 on Thinkpad X41 w/ 1.5 GB RAM - lemony flavored
Win2K Sp4 on Sony VAIO GXR600 w/ 512 MB RAM - currently blue screening
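
Added example, not part of any post in this thread: the transparent-layer overlay described above depends on the target page being loadable inside a frame on another site, and a site controls that with the `X-Frame-Options` header or the CSP `frame-ancestors` directive. The sketch below classifies a response's headers by who may frame the page; the function names and the sample headers are constructed for illustration.

```javascript
// Added example (not from the thread): classify a response's anti-framing policy.
// Function names are hypothetical; header names and values follow the CSP and HTML standards.
const RANK = { any: 0, allowlist: 1, "same-origin": 2, deny: 3 };

// Classify one frame-ancestors source list (already lower-cased).
function classifySources(sources) {
  const onlyNone = sources.length === 1 && sources[0] === "'none'";
  if (sources.length === 0 || onlyNone) return "deny"; // empty list matches nothing
  // "*" or a bare scheme such as "https:" lets practically any site frame the page.
  if (sources.some((s) => s === "*" || /^[a-z][a-z0-9+.-]*:$/.test(s))) return "any";
  return sources.every((s) => s === "'self'") ? "same-origin" : "allowlist";
}

// Several policies may be delivered at once; each is enforced, so the strictest verdict wins.
function cspFraming(value) {
  let result = null;
  for (const policy of value.toLowerCase().split(",")) {
    const fa = policy.split(";").map((d) => d.trim().split(/\s+/))
      .find((tokens) => tokens[0] === "frame-ancestors"); // first occurrence in a policy counts
    if (!fa) continue;
    const verdict = classifySources(fa.slice(1));
    if (result === null || RANK[verdict] > RANK[result]) result = verdict;
  }
  return result;
}

function xfoFraming(value) {
  const values = new Set(value.toLowerCase().split(",").map((v) => v.trim()).filter(Boolean));
  const known = ["deny", "sameorigin", "allowall"].some((v) => values.has(v));
  if (values.size > 1 && known) return "deny"; // conflicting values: the framed load is blocked
  if (values.has("deny")) return "deny";
  if (values.has("sameorigin")) return "same-origin";
  return null; // ALLOW-FROM and unknown values are not enforced by current browsers
}

function framingPolicy(headers) {
  const h = {};
  for (const [k, v] of Object.entries(headers)) h[k.toLowerCase()] = [].concat(v).join(", ");
  const csp = h["content-security-policy"] ? cspFraming(h["content-security-policy"]) : null;
  if (csp !== null) return { policy: csp, source: "csp" }; // frame-ancestors overrides XFO
  const xfo = h["x-frame-options"] ? xfoFraming(h["x-frame-options"]) : null;
  if (xfo !== null) return { policy: xfo, source: "x-frame-options" };
  return { policy: "any", source: "none" }; // no enforced header: any site may frame the page
}

// Constructed sample: a page that only permits framing by its own origin.
console.log(framingPolicy({ "X-Frame-Options": "SAMEORIGIN" }));
```

A result of `deny` or `same-origin` means another site cannot place the page in a hidden frame; `any` means the page relies on something other than these headers, or on nothing.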



