7:04 PM
Deepanker Verma
Tabnapping Attack Tutorial: Phishing Attack Tutorial
Tabnapping - Phishing in mulitabbed environment of browsers
How to send this fake page to the victim??
Here comes the Tab Napping which can make your second step easy than before. No need to send fake page via email to victim.
Tab Napping use the modern browser's multi tabbed environment. Now a days all people use multiple tabs for accessing Gmail, facebook, orkut and other websites simultaneously. The trick is to confuse user in his/her multiple tabs and redirect any of idle ta of his browser to your phishing silently. Tab Napping works on the user's assumption that a tabbed web page stays the same when other Internet services are being accessed.
The idea behind this is very simple and is done by javascript. Tab napping is all about the relation of 2 pages. suppose Page A and Page B. Victim was viewing page A in a tab of a browser and then left this idle and and now using some other website in another tab of browser. If the user will not return to page A for some pre-specified time, page A will automatically redirect to Page B. This Page B is your phishing page. This redirection and cheking for user actions is done by Javascript. You can download it for given link.
Make a web page and use the tab napping script in that page say it page A. This script will not affect the layout or content of the page. This script will check for user actions. If the page is idle for some time, this script will redirect this page to a pre-specified page which may be your phishing page. You have to specify this page in the script. Be sure to change this in script.
check script for this line...
The idea behind this is very simple and is done by javascript. Tab napping is all about the relation of 2 pages. suppose Page A and Page B. Victim was viewing page A in a tab of a browser and then left this idle and and now using some other website in another tab of browser. If the user will not return to page A for some pre-specified time, page A will automatically redirect to Page B. This Page B is your phishing page. This redirection and cheking for user actions is done by Javascript. You can download it for given link.
Make a web page and use the tab napping script in that page say it page A. This script will not affect the layout or content of the page. This script will check for user actions. If the page is idle for some time, this script will redirect this page to a pre-specified page which may be your phishing page. You have to specify this page in the script. Be sure to change this in script.
check script for this line...
timerRedirect = setInterval("location.href='http://www.gmail.com'",10000);
this line will redirect to Gmail after 10 sec. Change this location to the address of your phishing page. This line is used 2 times in the script so change is both lines.
so page A with tab napping script will redirect to phishing page B.
Now send the link of the page A to your victim. This is a normal page. If the page is idle for some time it will be changed to page B otherwise no effect.
Download Here:
so page A with tab napping script will redirect to phishing page B.
Now send the link of the page A to your victim. This is a normal page. If the page is idle for some time it will be changed to page B otherwise no effect.
Download Here:
Posted in: Phishing Attack
13 Visitor Reactions & Comments:
nice tutorial dude
yupp
thnks..
i tried this script.. page redirect after 20 sec..
nice trick..
thanks for this nice trick
another nice one,keep posting nice articles
great man!!!u rock,,,it works......one day i gonna kick u by ur own trick!!!
hey man, it worked.... u really rock yaar..... u can visit my blog too.....
http://hackerpalaces.blogspot.com/
Please leave comment ok??
Nice! But i knew it already however appreciate the work!
Hello
can any one help out me?
I would like an absolutely free Mmo that features a massive amount of players and in addition they (perfectly most of them) can communicate English. It's critical that the servers have a very wide range of gamers. I'm seeking out something like Diablo or Wow. I'm furthermore not willing to spend money as I only need a little extra time to destroy at this time. It's ok if the actual game is free of charge along with premium content. I've got looked a lot for MMORPGs but not one of the web pages basically say just how much players tend to be online.
thanks much
Your downloading link is not working.
Thanks for the sbo information, I really enjoyed the post.
ur post so nice and so helpfull.thanks for posting such an information....
telugu songs
VISIT HERE http://www.faster-facebook.com
Post a Comment
For Guest Posts or your valuable suggestions... drop email on "mail@amarjit.info"