Khaled and I just gave a talk in Owasp Qatar about tricks you can do with the Cross Window Redirect, and how it can help you in phishing attacks. I few people asked for the slides, so I though I’ll link to them here.
The PoC links are:
- http://michaelhendrickx.com/misc/sf.html: To see the child-redirection
- http://michaelhendrickx.com/misc/ek/: (send this in a facebook message and open it there) for the parent redirection.
I also gave an update of my social engineering talk which I gave a few months ago.