lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon Aug 8 16:37:27 2005 From: nicob at nicob.net (Nicob) Subject: Defeating Citi-Bank Virtual Keyboard Protection Le vendredi 05 ao?t 2005 ? 22:50 +0200, Michal Zalewski a ?crit : > What I proposed (and I'm sure I'm not innovative here) went along the > lines of hooking up and intercepting the mouse click button, and then, > at the exact moment of mouse click, capturing the position of the > mouse pointer, and a bitmap of its nearest surroundings - ideally, > before the event is delivered to the browser window. That's exactly what the PoC demonstrated here is doing : http://nicob.net/SSTIC05/Demo-SSTIC05.avi And black-hats are already using this kind of tools ... Nicob
Powered by blists - more mailing lists