[+] Category : Spoofing Technique
[+] Author : yogyacarderlink.web.id
[+] Contact : (00x0---www.yogyacarderlink.web.id
[+] date : 4-2-10
[+] biGthank to : Allah SWT,jasakom,KeDai Computerworks,0n3-d4y n3ro,eplaciano, all*.indonesian like a coding, )

(http://server/page?frame_src=http://example/file.html)

Replace the “frame_src” parameter value with “frame_src=http://you.example/spoof.html”.

User expected domain: example.com ---> foreign data: you.example.com

Such links can be sent to a user via email or messages, left in a bulletin board post, or forced upon users by an XSS attacker. If an attacker gets a user to visit a web page designated by the malicious address, the user will believe he is viewing authentic content from that address when he is not. Users will implicitly trust the spoofed content, since the browser URL bar displays http://example when in fact the underlying frame HTML is referencing http://you.example.

This exploit attacks the trust relationship established between the user and the web site. The technique has been used to create fake web pages including defacements, login access forms, false press releases, etc.

Sample: Creating a spoofed press release.

Let's say a web site uses HTML frames created for its press release web pages. A user would visit a link such as (http://example/pr?pg=http://example/pl/03xxx.html). The resulting web page HTML would be:

Code:
The “pl” web app in this sample creates HTML with a static menu and a dynamically generated frame src. The “pl_content” frame pulls its source from the URL parameter value of “pg” to display the requested press release content.

But what if an attacker altered the normal URL to http://foo.example/pr?pg=http://attacker.example/spoofed_press_release.html? Without properly sanity checking the “pg” value, the resulting HTML would be:

Snippet code:

end user you.example.com
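
The sanity check on the “pg” value that the text says is missing, as an added example that is not part of the original paper: the frame source is accepted only when it stays on the site's own host, otherwise a default page is used. The frameset layout, the "pl_menu" frame, the fallback path and the function names are assumptions made for illustration.

```python
from html import escape
from urllib.parse import urlsplit

ALLOWED_HOSTS = {"example"}        # the site's own host, as in the page's URLs
ALLOWED_SCHEMES = {"http", "https"}
FALLBACK_SRC = "/pl/index.html"    # hypothetical default page (assumption)


def safe_frame_src(pg):
    """Return pg only if it stays on our own site, else FALLBACK_SRC."""
    # Reject empty values, whitespace/control characters and backslashes,
    # which browsers and URL parsers may normalise differently.
    if not pg or any(ord(c) <= 0x20 or c == "\\" for c in pg):
        return FALLBACK_SRC
    try:
        parts = urlsplit(pg)
    except ValueError:             # e.g. malformed IPv6 literal
        return FALLBACK_SRC
    if not parts.scheme and not parts.netloc:
        # Site-relative path: exactly one leading slash, so "//host/..."
        # (scheme-relative, i.e. another host) is not accepted.
        ok = pg.startswith("/") and not pg.startswith("//")
        return pg if ok else FALLBACK_SRC
    if parts.scheme not in ALLOWED_SCHEMES:
        return FALLBACK_SRC
    if parts.username is not None or parts.password is not None:
        return FALLBACK_SRC        # "http://example@other.host/" style URLs
    if parts.hostname not in ALLOWED_HOSTS:
        return FALLBACK_SRC
    return pg


def render_press_release(pg):
    """Build the frameset; layout and the pl_menu frame are assumptions."""
    src = escape(safe_frame_src(pg), quote=True)   # attribute-safe output
    return (
        '<frameset cols="100,*">'
        '<frame name="pl_menu" src="/pl/menu.html">'
        f'<frame name="pl_content" src="{src}">'
        "</frameset>"
    )


if __name__ == "__main__":
    for url in ("http://example/pl/03xxx.html",
                "http://attacker.example/spoofed_press_release.html"):
        print(url, "->", safe_frame_src(url))
```

Where the set of press releases is known in advance, mapping a short identifier to a server-side path removes the URL from the parameter entirely.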