Browser In The Browser (BITB) Attack

If i ask you, Which one is real?(1 or 2).

I sure you are shocking by second picture, How this guy able to develop this phishing technique.

Demo:

https://mrd0x.com/demo-c2b899d2175d71fb45e3f86a8ba80644.gif

As he mentioned the technique is simple but effective.

Let us figure out how it works.!!

I used Mr.d0x template on GitHub for finding out how he able to create pop-up window for legitimate URL, forward us to phishing page.

Just guess, what i found. The windows is divide to 3 parts (Title bar, URL bar, Iframe).

Title-bar and URL-bar created by style.css file, Even SSL lock is picture.

Final part is iframe. It is contain malicious or phishing URL, that maybe the attacker used to stole your credential.

# How can we protect our self from this technique?

  • Check if there any URL does not belongs to main URL or authentication URL.
  • Try to drag it OUTSIDE OF the content area of the page first.

References:

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store