Phishing Attacks Using the HTML5 Fullscreen API

Feross Aboukhadijeh (developer of www.ytinstant.com) was developed a Phishing  concept using HTML 5 FullScreen Api. 

Credit: http://feross.org

 

Phishing is the act of attempting to acquire information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity in an electronic communication. (http://en.wikipedia.org/wiki/Phishing)

                                    

Many of the people associate phishing via e-mail  that mimic , banks, credit card companies. These messages look authentic and attempt to get victims personal information.

HTML 5 Full Screen API- 

 The HTML 5 Full screen API  allows  developers show web content that fills  the user’s screen completely. eg: watch a fullscreen video on YouTube.

Feross explain how this  API can works, by  hide the interface elements of the users' browser.

Most of the browsers have  user-triggerable full-screen functionality . The HTML5 Fullscreen API is differ from this. this  allows the web developer to access the  same functionality ,  trigger it programmatically. 

Eg : elementToMakeFullscreen.requestFullScreen();

Developer can trigger full screen when user clicks on a link or button .

Eg: Trigger Full screen using Jquery

$('#button').on('click', function() {
  var doc = document.documentElement;
  if (doc.requestFullscreen) {
    doc.requestFullscreen();
  }
});

Browser Notification.

Apple's Safari browser, version 6.01 and later no sign ( little ) that full-screen  activated or not. 
Google Chrome, version 22 and later some notice.

Mozilla Firefox, version 10 and later, alerts the user with a conspicuous notification.

 

Phishing Using FullScreen Api

Look at the link given bellow
kerala-techies.blogspot.com

The user can check  the link , will show www.kerala-techies.blogspot.com , as expected its good but when you click on the link  the developer (hacker) can call event.preventDefault() to prevent the default action ie  navigating to the link and able to trigger  fullscreen,  and mimic the browser , OS  and go to the fake page . This fake page look like same as the original with a green padlock for HTTPS.

Credit: http://feross.org

$('html').on('click keypress', 'a', function(event) {

  // Prevent navigation to legit link
  event.preventDefault();
  event.stopPropagation();

  // Trigger fullscreen
 

  // Show fake OS and browser UI
  $('#menu, #browser').show();

  // Show fake target site
  $('#target-site').show();
});

Full Source Code

Credit: http://feross.org
DEMO

 

The content of - Phishing Attacks Using the HTML5 Fullscreen API in Kerala Techies  has taken from Various Sources  and Analysis of our Team. This Information given by Kerala Techies.

Read More

World's first Mobile phone with IGZO Display

The first Mobile phone/tablet (any Gadget)  with IGZO display - Sharp Aquos Phone Zeta SH-02E  announced by NTT DoCoMo. 

This Smart Phone comes with he Qualcomm Snapdragon S4 Pro APQ8064 chipset with quad-core Krait CPU at 1.5GHz and Adreno 320 graphics, with Android 4.0 Ice Cream Sandwich,4.9-incher with a 1,280 x 720 pixels resolution, 300 ppi pixel density, NFC support and LTE compatibility.

 NTT DoCoMo says that the SH-02E supports pen input.The display also supports a new audio system which vibrates the whole panel to transmit sound directly into the ear. Sharp Aquos Phone Zeta SH-02E has 16MPcamera, a 1.2MP front-facing camera. this have a large capacity battery (2320+mAh or more) and dust and waterproof .

the SH-02E will launch in November or December this year but  there’s no word about  whether it is  launch outside of Japan.

The content of - World's first Mobile phone with  IGZO Display in Kerala Techies  has taken from Various Sources  and Analysis of our Team. This Information given by Kerala Techies.




 

Read More

Rail Radar - Track Your train via Google Map

Indian Railways launches RailRadar

Now Every one can find  a train's current  location on a Google map. indian railway  just publish  online train tracking  application RailRadar. anybody can find the exact  location of about 6,500 trains on a Google map .Indian  Railways operate more than 10,000 trains everyday , currently this application can spot about 6500 trains. if we click on a train map will show route, stops, current location. In the map trains are highlighted with red and blue colour. 

RED : Trains delayed.

BLUE : Runnning on time

rail rader helps us to find taind between two staions  without providing train numbers , and many more helpful features.

Click here to track your Train

or
trainenquiry.com

The content of - RailRadar - Track Your train via Google Map in Kerala Techies  has taken from Various Sources  and Analysis of our Team. This Information given by Kerala Techies.

Read More

Chinese Android Tablet with Retina Display

 

Chinese tablets with  retina  displays.

We all know  Apple’s iPads are  the king in  the  tablet market. even if   the rise of the many  7-inch budget Android tabs and rumors going on about  10 inch Nexus (2,560 x 1,600 pixels resolution display).But Now the real android tablet with retina display (brand name used by Apple) . we  have two Android tablets released able to fight with iPad (screens’ resolutions).  Cube U9GT 5 and Chuwi V99 are the  hero's (Chinese) do not think about other Chinese tablets or mobile phones .

Chuwi V99 

The 9.7-incher supports 2,048 x 1,536 pixel display and runs on  Android 4.1 Jelly Bean, a Cortex A9-based dual-core 1.6 GHz Rockchip RK3066 CPU,  1 GB of RAM, 16 GB of on-board storage, dual 2 MP cameras, microSD support, Bluetooth, Wi-Fi, and  10 hours backup.  we can buy from pandawill  (a chinese online retailer) they provide worldwide free shipping.  

 

Price : $289.99

 

Cube U9GT 5 

Next one Cube U9GT 5 ,Cube is the name of the company that provide tablet with an iPad-like Retina display with  2048 x 1536 resolution display with 264 ppi ,   run  on Android 4.1 Jelly Bean , full Google Play access , dual-core 1.6GHz RockChip RK3066 processor , ARM Mali 400 GPU,1GB of RAM, 8 or 16GB of on-board memory, Wi-Fi and Bluetooth. now they take pre-orders between October 18 and 30. Cube U9GT 5 start shipping after  October 31.

Price $200

Model	Display	Resolution
Ipad 3	9.7	2048 x 1536
Asus Transformer Pad	10.1	1920 x 1200
Chuwi V99	9.7	2,048 x 1,536
Cube U9GT 5	9.7	2,048 x 1,536

The content of - Chinese Android Tablet with Retina Display in Kerala Techies  has taken from Various Sources  and Analysis of our Team. This Information given by Kerala Techies.

Read More

Samsung S 3 mini

Galaxy S3 mini name and announcement confirmed by Samsung

At last Samsung confirmed abut their new product Samsung s3 mini after lots of roumers .
Samsung is going to launch the Samsung Galaxy S3 mini on 11 October during an event in
Frankfurt, Germany. Samsung’s chief named JK Shin has just confirmed this information , name and
announcement of the smartphone both has been confirmed.

 He also said that it would be a high end smart phone.but he did not give any more details about this.  there is no need to wait more. just one night

The content of - Samsung S 3 mini in Kerala Techies  has taken from Various Sources  and Analysis of our Team. This Information given by Kerala Techies.

Read More

How to download torrent anonymously

How to download torrents safely

Before one month  AGENTJADOO an Anti Piracy Agent developed by Jadootech Solutions Pvt Ltd. They said that they track ip address and details of the persons who downloaded the torrents.

 Now torent downloaders in searching to make their torrent downloading anonymous , there are many methods to make a user anonymous such as use of VPN ,bt guard, seedbox to hide some one’s ip address but here is new one called anomos. Anomos is a pseudonymous, encrypted multi-peer-to-peer file distribution protocol.we know that transfer of data takes place in BitTorrent is by peer exchange.here the anomos make advantage of this peer procees in BitTorrent with onion routing anonymization and end to end encryption.by using this approach no one can know about the peers and what they are downloading. Anomos use a format known as atorrent so transfer rate is much slower than normal bittorrent downloading and this is not compatiable with all normal torrent format

The content of -How to download torrent anonymously in Kerala Techies  has taken from Various Sources  and Analysis of our Team. This Information given by Kerala Techies.

Read More

Bad Piggies - From the creators of Angry Birds

Bad Piggies -Flying Piggies - From the creators of Angry Birds

 From the creators of Angry Birds -(Rovio) latest game released - Bad Piggies. This is very interesting and funny puzzle game .

 Story

The Bad Piggies   at last found a map to the birds eggs, but unfortunately  now that maps parts are  in different parts of  Piggy Island. the King Pig give order to his subordinate to find and recover the map ,even from the the bottom of a cave or top of a mountain.

Now available only  in 

Google Play 

 App Store

 PC 

Mac download

But it has not yet made  Chrome application. this piggies  set a new record - top of the charts within  three hours after release.

FAKE BAD PIGGIES

The Rovio not publish any Google chrome version of bad piggies. now hackers added fake bad piggies to  Chrome Web Store  with  a phishing plug-in that may   injected an unwanted adware program into Chrome browsers.The lack of a free online version. Just few days after the game launched,we can  found seven free versions of the games in the Google Chrome web store(at the time of writing).

scientist from  Barracuda Networks finds that all these games are  distributed by the  playook.info. After the  installation, the fake games insert their own advertisements into  websites.

Read More