blackice
02-14-2011, 07:31 AM
Everyone knows that the Password input field(login field) also accepts copy+paste and this is the biggest security failure since the internet era. If you think, you are smart enough and can’t be hacked by a hacker you should probably give it a second thought. Sometimes little mistakes can be highly devastating and there is no shame in admitting that we all do make mistakes and careless at times.
You will never hear any security personnel or any website saying they are hack-proof because the truth is, there is nothing called hack-proof, but the noobs just don’t admit it. The hackers have been successfully phishing bulks of credit card data, social security numbers and off course your online identity with very simple tricks.
Do you know every big and small company has a hacking history? Yes and these companies includes twitter, Google, Microsoft and also NASA. of course you can check that for more information if you want. And remember No one is safe here, if you think you are smart enough, buddy you are at big RiSk.
Now lets get back to our topic. almost everyone of us do copy-paste work..Right? isn’t it so simple just press Ctrl+C (copy in windows) to copy and Ctrl+V (paste in windows) to paste?. we all are so used to it that we even copy-paste our password in the login fields. some are so lazy that they cant even type their 8-char password. and that’s where comes the biggest Risk. believe me it’s not at all safe. and Actually, it doesn’t really matter how complex or large your password is, if you use copy and paste option to enter password using any browser such as Internet Explorer then you are at a Big Risk my dear.
Most of us are active on many websites including social networks and for good reasons we setup different passwords (which is a good thing), But gradually it becomes tedious to remember so many passwords and we end up creating an excel sheet or text document of our passwords and later we just copy and paste whenever required. So we finally make that small mistake which is enough for the Cyber Criminals.
How is This Possible?
when you copy any data on your PC including all the big files such as movies,etc, it gets stored in the clipboard (your system) and this clipboard data is accessible from the internet with simple JavaScript and can be further stored on a database using any server side language. It is a very simple yet effective trick to steal unauthorized data. that means your friend sitting far away from you on the PC can access any data that you have copied using simple JavaScript. Yes It is a very simple yet effective trick to steal unauthorized data (personal information).
For the Javascript try this code
var bResult =
window.clipboardData.setData("Text","SAMPLE");
var text = window.clipboardData.getData("Text");
alert('window.clipboardData: '+text);
You will never hear any security personnel or any website saying they are hack-proof because the truth is, there is nothing called hack-proof, but the noobs just don’t admit it. The hackers have been successfully phishing bulks of credit card data, social security numbers and off course your online identity with very simple tricks.
Do you know every big and small company has a hacking history? Yes and these companies includes twitter, Google, Microsoft and also NASA. of course you can check that for more information if you want. And remember No one is safe here, if you think you are smart enough, buddy you are at big RiSk.
Now lets get back to our topic. almost everyone of us do copy-paste work..Right? isn’t it so simple just press Ctrl+C (copy in windows) to copy and Ctrl+V (paste in windows) to paste?. we all are so used to it that we even copy-paste our password in the login fields. some are so lazy that they cant even type their 8-char password. and that’s where comes the biggest Risk. believe me it’s not at all safe. and Actually, it doesn’t really matter how complex or large your password is, if you use copy and paste option to enter password using any browser such as Internet Explorer then you are at a Big Risk my dear.
Most of us are active on many websites including social networks and for good reasons we setup different passwords (which is a good thing), But gradually it becomes tedious to remember so many passwords and we end up creating an excel sheet or text document of our passwords and later we just copy and paste whenever required. So we finally make that small mistake which is enough for the Cyber Criminals.
How is This Possible?
when you copy any data on your PC including all the big files such as movies,etc, it gets stored in the clipboard (your system) and this clipboard data is accessible from the internet with simple JavaScript and can be further stored on a database using any server side language. It is a very simple yet effective trick to steal unauthorized data. that means your friend sitting far away from you on the PC can access any data that you have copied using simple JavaScript. Yes It is a very simple yet effective trick to steal unauthorized data (personal information).
For the Javascript try this code
var bResult =
window.clipboardData.setData("Text","SAMPLE");
var text = window.clipboardData.getData("Text");
alert('window.clipboardData: '+text);