Principle and precaution measures of the hanging of the IFRAME frame

Source: Internet
Author: User
Keywords Hang the horse secure guard own

An IFRAME element is a document in a document, or it seems to be a floating frame (frame). The Frames collection provides access to the content of the IFRAME. Use the Frames collection to read and write the elements contained within the IFRAME. For example, if you want to access the backgroundcolor style of the body object within the IFRAME, the syntax should be:

Scolor = Document.frames ("Sframename"). Document.body.style.backgroundColor; Through the object model of the page where the IFrame object is located, you can access the properties of the IFrame object. It cannot access its contents. For example, the syntax for accessing the border style of an IFrame object should be:

Sbordervalue = Document.all.oFrame.style.border;

Note that the properties of an IFRAME must be accessed using a prefix document.all, such as Document.all.iframeId.marginWidth.

Internet http://www.aliyun.com/zixun/aggregation/29809.html ">explorer 5.5 supports transparent content of floating frames. If you want to define transparent content for a floating frame, the following conditions must be met.

What is the greatest danger to the current network security? Many people would say it was a web-hung horse. That's right! In order to steal the numbers, the pages of the horse were growing tens of millions last year. Ordinary netizens know how to prevent the Web page hanging horse on the computer can be engaged in and want to engage in network security related work friends will have more knowledge, know how the Web page hanging horse is how to carry out, there are several ways. The enemy, will be better maintenance of internet cafes, websites, etc., will increase their security skills, and gradually grow into a security engineer.
An excellent safety engineer, to be able to independently responsible for Web site security, LAN Security, server security, to understand the Web page hanging horse iframe frame hanging horse, js file hanging horse, camouflage hanging horse, css hanging horse, ActiveX components such as horse, such as to be targeted to prevent, Avoid security threats such as Web sites and servers. Below, we take the first step to grow as a security engineer, master the details of the IFRAME frame and the corresponding prevention methods.

What is the iframe frame hanging horse

The web has now developed many methods and applications, one of the IFRAME web-frame hanging horse is the most typical way to hang horses, but also the most basic way to hang horses, you can say there is no IFRAME, the Web Trojan in the half can not be well hidden, so that users are not aware of the attack.

What is an IFRAME? IFrame is a very common HTML language tag, it is mainly used in a web interface, divided into the right or the next frame, as we do in the TV painting effect. The Shanzhai search engine interface in Figure 2 is a reference to a typical IFRAME.

But the IFRAME function is also cleverly used by hackers, hackers in some seemingly normal web pages, using a long width of 0 hidden frame, so that users unknowingly open the content of the Web Trojan with loopholes, this technique is like in the picture in the painting TV opened a pay channel, However, because the screen size of the toll channel has been maliciously modified to 0, the TV viewers do not know that they have opened the pay channel, although he did not see, but in fact, the toll channel is actually playing, and will charge a user fee.

The IFRAME frame hangs the horse combat

Let's do a demo to see what the IFRAME frame does with the horse.

The first step: Prepare a handy trojan, such as Pcshare, this software is very simple in setting, easy to operate. Set up relevant services, the last generation of Trojans used by the service control side.

The second step: the use of FTP to the wood immediately to their own web site space, and Notepad record the network path of the Trojan horse. Then use the "ms08-078 Web Trojan Generator" to generate a malicious Web page with ms08-078 vulnerabilities. Find a normal New Year greeting card page, save the page to your designated directory, and then use the Web Designer or Dreamweaver Web page editing software to adjust the saved pages, and then upload them to your site space to see if the pictures and so on can be displayed properly.

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.