SQABD - SQA Bangladesh

Friday, October 27, 2006

Your Secured Information could be Hacked away

Thanks to Jyotirmoy Banik for sharing the URL about how could the Text of your Clipboard could be stolen while you might be visiting several websites and you forgot that you have already copied your Credit Card number or PIN number or Email address or Password for further use.

Copy any thing and go to URL: http://www.sourcecodesworld.com/special/clipboard.asp
You will see that they have retrieved your Clipboard information. It is easy to do while you are sufring using Internet Explorer (IE) , but not in Firefox or Opera.

It is true, text you last copied for pasting (copy & paste) can be stolen when you visit web sites using a combination of JavaScript and ASP (or PHP, or CGI) to write your possible sensitive data to a database on another server. Hopefully you haven't copied a credit card number recently before surfing!


Text From Your Clipboard - Source Code

The Clipboard hack is done by the following Source Code:









<Script Language="JavaScript">

var content = clipboardData.getData("Text");

alert(content);

</Script>





To avoid Clipboard Hack Problem of Internet Explorer (IE) , do the following:

1. Go to internet options->security
2. Press custom level
3. In the security settings, select disable under Allow paste operations via script.

Now the contents of your clipboard are safe. :)


Source: sourcecodesworld.com

2 comments:

; said...

I've literally forgotten when I last used 'I' and 'E' together :) With that I've also forgotten the following stuff:

1)Popups

2)Spywares

3)Irritating and inane javascripts saying stuff like "OMG,LMAO,YOUr PC is HAwT over 68DegrEE CelsciUS..to Fix it CliCK hEre).But offcourse, back then I was thrice the web-n3wb I'm right now.

4)A thing called Active X. I didn't know what it was, and thank lord I didn't care.

But, wait I just lied... I do have to use IE sometimes...especially since the daily bangla newspapers think that any nancy drew should be left to design their site that only renders perfectly under the IE bandwagon amd has no RSS feeds/daily-syndications what so ever.

Although, the new IE 7 is tryin hard...too bad the final cut FF 2.0 is out to slay this pestilent assortment of nasty codes.

Hey, you have a pretty good tech blog. I can't seem to understand why there hasn't been a large scale blog-conf in BD (the last one was very small, and my friends called me "nerd" when I attended it). There should also be a dedicated listing of tech/mod/hack and all other sorts of blogs like 9rules. I get most of the traffic on my tech-blog from places outside BD :( I just wish there were a much more dedicated user base in BD. Even my engineer friends only use their internet connection for the purpose of instant messenging and social networking (mostly with brazilian spamming robots). I won't say that I haven't been through such a phase, but I've learn a good lesson and try to teach it to others whenever I can :)

Tahmid Munaz said...

@Antunu
Thanks for your comments. We some of the IT professionals are trying to comeup with a Web Service for all Bangladeshi based Technical Bloggers and the Technical Blog readers.

I was feeling the same and some of my friends were also thinking something like this.

Thanks for your idea sharing and Lets hope for the best :)

Keep in touch :)

 
Creative Commons License
This work is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 3.0 License.