as in the following example, indicated by the presence of the

name

■

If the frameset uses named frames, but the names appear to be highly

If the application is vulnerable to frame injection, then an attacker can exploit

this using the following steps:

1. The attacker creates an innocuous-looking web site containing a script

that wakes up every 10 seconds and attempts to overwrite the contents

of the frame named 

main_display

. The new content is hosted on the

attacker’s site and contains Trojan functionality that looks identical to

the normal 

wahh-app.com

content, but transmits any entered data to the

attacker.

2. The attacker either waits for 

wahh-app.com

users to browse to his

innocuous site, or uses some proactive means of inducing them to do

so, such as sending emails, buying banner ads, and so on.