What's New
- You like Kejut and want to place a link to Kejut in your website? That's easy! Click here!
This Week's Top 10
| 644 | | 307 | | 278 | | 262 | | 227 | | 224 | | 215 | | 212 | | 186 | | 180 |
Random Articles
RatHoles: Are you bored?
|
|
Can you trust the status bar? Try to click this link. That link will bring you to the article page, even though if you notice it before clicking, the address was not that!
Apakah status bar bisa dipercaya? Coba deh klik link ini. Link itu akan membawa Anda ke halaman artikel, walau kalau anda perhatikan sebelum klik, alamatnya bukan itu!
Karena mengandung kode2 dalam Bahasa Inggris, jadi harusnya pengunjung yang mau mencoba ini tau Bahasa Inggris. Jadi cukup versi itu saja ya, kali ini.
This page has been mentioned in Digg. Click here if you like this page! By the way, the methods described below is for educational purposes only. Maybe somehow can let web-browser makers know another security measures that can be taken with this kind of trick.
Introduction
Hi! This is a demonstration on how links can deceive you. Try to click any link on the box below. See your status bar or right click and select properties if you still don't believe.
Place your mouse on those links. What do you see in the status bar of your browser? Right-click on the link and select copy to clipboard or similar. What do you get on the clipboard? Is it different from the address you arrive at when you click the link?
It has been tested on IE 6, Firefox 1.5 and Opera 8.
Click here if you want to download the solution directly!
The Trick
The trick is quite simple. Just place an onmousedown event that sets the link address to the new one. So when the user clicks on the link, he/she will go to the new address.
Before:
<A href="http://www.microsoft.com/ie">
After:
<A href="http://www.microsoft.com/ie"
onmousedown="this.href = 'http://mozilla.org'"
>
Problem 1
When the user goes back to this page, or cancels the loading of the new page, he/she will see the new link address in his/her status bar. So we need to change it back to the old address after the user clicks it.
<A href="http://www.microsoft.com/ie"
onmousedown="this.href = 'http://mozilla.org'"
onclick="this.href = 'http://www.microsoft.com/ie'"
>
Does it work? No! Because the old address will be set again just before the user goes to the new page. So doing this is useless. Hmm, what to do?
Apparently adding a very small delay solves the problem.
<A href="http://www.microsoft.com/ie"
onmousedown="this.href = 'http://mozilla.org'"
onclick="setTimeout(function() {
this.href = 'http://www.microsoft.com/ie';
}, 1)"
>
The "1" above means that the link address will be restored 1 millisecond after the user clicks on the link.
Hurray, the problem is solved!
Problem 2
It's not good to have the old link string mentioned twice. It would be nice if we can just specify it once.
Fine, lets just store the old address before setting the new one. Before that, let's move the event handler outside for more convience. We also add the onclick handler on-the-fly.
linkMap = new Map(); // code is below
function down(obj, e, url) {
linkMap.put(obj, obj.href);
obj.href = url;
obj.onmouseup = obj.onclick = function () {
up(this);
};
}
function up(obj) {
setTimeout(function() {
obj.href = linkMap.get(obj);
}, 1);
}
After that, we can make our link much more simple. That is:
<A href="http://www.microsoft.com/ie"
onmousedown="down(this, event, 'http://mozilla.org')"
>
Problem 3
When the user right-clicks, the new address is shown instead of the old address.
Hmm, seems we need to filter which click triggers the address change. Just modify the down() function to be like this, which supports left-click and middle-click:
function down(obj, e, url) {
linkMap.put(obj, obj.href);
if (!e || !e.which || e.which <= 2) obj.href = url;
obj.onmouseup = obj.onclick = function () {
up(this);
};
}
The !e, !e.which etc is done for the BAD IE browser.
Problem 4
How about keypresses, like for users who navigate links using keyboard?
Fortunately this is not too complicated, just add a onkeydown event that calls the same function as the onmousedown event if the key pressed is 13 (enter) or 32 (space).
function key(obj, e) {
if (e.keyCode == 13 || e.keyCode == 32) obj.onmousedown(obj);
}
And for the link:
<A href="http://www.microsoft.com/ie"
onmousedown="down(this, event, 'http://mozilla.org')"
onkeydown="key(this, event)"
>
How do I make such links?
1. Insert this code inside <script> tags in your page.
function Map() {
this.keys = [];
this.values = [];
this.count = 0;
this.put = function (key, value) {
with (this) {
for (i=0; i<count; i++) if (keys[i] == key) {
values[i] = value;
return;
}
keys[count] = key;
values[count] = value;
count++;
}
}
this.get = function (key) {
with (this) for (i=0; i<count; i++) {
if (keys[i] == key) return values[i];
}
}
}
var linkMap = new Map();
function key(obj, e) {
if (e.keyCode == 13 || e.keyCode == 32) obj.onmousedown(obj);
}
function down(obj, e, url) {
linkMap.put(obj, obj.href);
if (!e || !e.which || e.which <= 2) obj.href = url;
setTimeout(function () {
window.status = linkMap.get(obj);
}, 1);
obj.onmouseup = obj.onkeyup = obj.onclick
= obj.onmouseout = function () {
up(this);
};
}
function up(obj) {
setTimeout(function() {
window.status = obj.href = linkMap.get(obj);
}, 1);
}
2. Create your links. To create it, use this HTML tags:
<a href="the displayed URL"
onmousedown="down(this, event, 'the actual destination URL')
onkeydown="key(this, event)"
>
(Replace the italicized text above with the actual values)
Known Problems
- Using the script above, visitor can still visit the original link address by right-clicking and selecting "Open". You can modify it to handle right click, but the new address will be shown in the status bar. Any suggestion is appreciated.
- In Opera, you can middle-click on the link and open the old address.
- In Firefox, you can hold down the left button to show the new address.
Anyway, majority of the user will only left-click it normally, right?
Conclusion
What is it used for? DON'T FOLLOW THESE SUGGESTIONS!
- To trick people. To surprise people that the link they thought was pointing to some site has misled them.
- To silently count external link clicks on your web page. E.g. the link is shown as http://yahoo.com but is actually http://yoursite.com/count.php?url=http://yahoo.com
- ..... just for fun.
Written by: yuku
| di Opera 9 ga jalan.. :p
btw, best web browser harusnya
opera 9 lah.. :p
arri [sg], 27 Apr 2006, 0:22 reply
|
 | Ass,,,Saya Ibu Siti Di Singapore - Saya Mengutarakan Kalau
Saya Menang Togel Lagi,Itu Atas Bantuan NYAI RONGGENG
Terimah Kasih Banyak Yaa NYAI YAng Telah Memberikan Angka
Jitu Nya Kepada Saya Yaitu 9283 Dan Alhamdulillah
Berhasil,Berkat Bantuan NYAI Saya Sudah Bisa Membahagiakan
Kedua Orang Tua Saya,Bahkan Semua Hutang-Hutang Saya Bersama
Hutan Kedua Orang Tua Saya Semuanya Pada Lunas Dan Bahkan
Saya Juga Sudah Bisa Membuka Usaha Kecil-Kecilan,Bagi Anda
Yg Ingin Seperti Saya Silahkan Hub Nomor NYAI RONGGENG Di :
085286344499 Atau Klik
http://pesugihandukundanagaibasli.blogspot.com Karena Cuma
Angka Ghoib NYAI RONGGENG Saja Yg Memberikan Bukti YAng Lain
Maa Cuma Menghabiskan Uang Saja,Nomor Ritual NYAI RONGGENG
Memang Selalu Tepat Dan TerBukti.
Ibu Siti [--], 6 Jul 2018, 16:22 reply
|
| masih ada yg kurang tuh..
kalo di mouse-nya di arahin ke
link-nya, lalu pencet tombol kiri.. jangan di lepas..
kemudian geser ke luar link, baru lepas... Tulisannya ga
balik lagi ke awal.. jd masi bs ketauan deh :P lalu jadi
ada javascript errornya...
26 [sg], 27 Apr 2006, 15:20 reply
|
| masi kurang juga, klo di firefox ato opera pake open in new
tab jadinya malah masuk ke link yg ditunjukin, bukan link yg
sharusnya, cobain deh
roti [sg], 28 Apr 2006, 10:11 reply
|
| wahh ^^
ku coba klik kanan tetep aja muncul aslinya?? wah
hayo kenapa?
hehehe idenya bagus juga yah!! n analisisnya
tajam juga..tapi emang sih biasanya yg akal2an itu banyak
bugnya ya :P tapi klo orang biasa mah ga pake ngetes-ngetes
klik kiri klik kanan kalo mau buka link..
|
| Wah, bagi orang awam seperti aku, baca ini
pusiiiing...
Btw, artikel yang bagus...
Keep going...
|
| This is possibly the most retarded how-to i have ever have
the displeasure to read. Why the hell do you people bother?
FFS
|
| UGH. Way to go, asshats. What a super way for spammers and
virus writers to getaround the disabling javascript means of
hiding links. Thanks for making the web just a little more
treacherous.
|
| yeah, it's official--you're fucksticks. Your little
conclusion on why do this is bullshit and you know it. Like
Paul said, way to enable the script kiddies.
|
| To really get it to work, you would have to take into
account all of the different ways of opening the link. My
natural habit for opening links is to always either
right-click and select "Open in new tab", or to middle-click
to open in a new tab. If I do either of those, this
technique does nothing (well, except make a perfectly
ordinary link to Microsoft's website).
An interesting
idea, but it isn't really that new. And it still doesn't
mask the actual address that it sends you to, so it isn't
that different form just a regular text-link (like 'CLICK
HERE' or such).
If a person is going to be phished by a
fake site without looking at the address bar and making sure
they are at the real site, are they really going to be the
kind of person for whom this technique would make any
difference? These are the same people who would never look
in the status bar in the first place to see where they're
going.
|
| Doesen't work on Firefox 1.5.0.2
Goes to show how secure
Firefox is as compared to
IE.
Sharjeel
http://www.sharjeel.net
|
| your Map() is actually already built in JavaScript so you
don't have to create your own Map()
var abc =
anyObject;
var linkMap = new Object();
linkMap[abc] =
anotherObject;
var x = linkMap[abc]; // x is assigned the
anotherObject
So now you can remove your Map() class :)
felix_halim [id], 1 May 2006, 3:15 reply
|
| Sorry for mistake in the previous post, the built in map[]
in JavaScript seemed to work only if the "key" is a string.
So it won't work for your case (storing Object as the
key).
The workaround is to dynamically assign unique ID
for the tag and put the ID of the element as the "key"
instead of the Object to the map... :) but that's sound
more complicated than creating your own Map() :)
felix_halim [id], 1 May 2006, 3:38 reply
|
| This is very interesting but I think browser issues will
cause way too many problems for this to be effective for
very long.
|
| i always use middle-click at opera
|
| extremely good information, very nice trick
|
| Very Good Information..
Yupz.. The best Web Browser is Opera 9..
I think..
Ya.. Informasi yang sangat bagus..
Ya.. Web Browser terbaik adalah Opera 9
Menurutku...
|
| man.....that was confusing....y don't u just give the cut
paste html link....for the above fun...u guys must realise
that there are loads of people around having websites
without any html or javascript knowledge.....
kakarot [in], 30 May 2007, 10:42 reply
|
| hmm... belum gw coba di kompie gw.. sekarang masih di kopi
dulu.. semacam fake hyperlink gt y? browser gw pake firebird
ver. 0.7 dengan bahasa defaultnya bahasa jepang.
kuyasaiko [id], 21 Nov 2007, 11:33 reply
|
| extremely good information, very nice trick
BesplatneStvari.biz [ba], 16 Mar 2008, 13:24 reply
|
| Informasi berharga untuk anda. Web yang di perkirakan bakal
mengalahkan
Yahoo dan Google yang akan lounching pada tgl 1 Juli 2008
akan
membagikan sebagian sahamnya yang sebesar $ 1,000,000.00
kepada siapa
saja yang bergabung menjadi anggotanya (Free) sebelum tgl 1
Juli 2008.
Ayo buruan gabung untuk mendapatkan saham gratis. FREE to
JOIN. all the
world.
KLIK Join Disini http://www.WebUpgrade9.com/shodiqfm
|
| Rank and rate anything and everything
|
| hi
|
| Good review bro...!thank ,but it dont work with firefox
|
| s
|
| It doesnt work, it just redirects exactly to the link that
is there.
Jacob [nl], 4 Dec 2008, 13:43 reply
|
| download sepuasnya
|
| wew
|
| NOT WORKING...
I believe this is due to browser safety mechanism to prevent
phishing...
|
| Thank you! This article is great and it was very helpful!!!
Keep on writing more articles like these!
|
| Aduh..puyeng.....btw thanks infonya :)
|
| mantap, mo nyoba ah, teng kyu,,
|
| ohhhh gini toh caranya
rina emot [--], 6 Jun 2012, 9:03 reply
|
| hello
|
| change password
|
| <a href="http://youtube.com" onclick="this.href =
'http://www108.zippyshare.com/v/0cyqdjFz/file.html'">DEMO<
;/a>
Te [--], 23 Jan 2018, 0:36 reply
|
| :PPPPP
AAA [--], 20 May 2021, 14:29 reply
|
| Please give rating! :) thank you
hello we have sent you a form to your destination.
we invite you to join this middle school once you graduate
Evelyn Chiu age: 10 grade: 6
Please consider the request we would love to have you for
our classes too. if you join you may meet Botex9
Lol just gonna copy and paste this. just ignore my dumb
motherfucking ass brain. :) and this was very helpful
@BotsForEducation.ca [eu], 5 Jul 2021, 2:47 reply
|
| Buat Saudarah Yang Punya Permasalahan Ekonomi Yang Ingin Di
Bantu Melalui jln Pesugihan Uang Gaib / Nomor Togel Dan
Lain-lain Silahkan Hub Nyai Ronggeng Di No-Hp:
https://wa.me/6281241452747 Atau Kunjungi Situs Web Nyai
Yang Resmi Di http://jual-sewa-tuyul.blogspot.com/ Silahkan
Buktikan Sendiri Karna Saya Sudah Membuktikannya,
Paranormal Ampuh [--], 4 Oct 2023, 14:15 reply
|
| Buat Saudarah Yang Punya Permasalahan Ekonomi Yang Ingin Di
Bantu Melalui jln Pesugihan Uang Gaib / Nomor Togel Dan
Lain-lain Silahkan Hub Nyai Ronggeng Di No-Hp:
https://wa.me/6281241452747 Atau Kunjungi Situs Web Nyai
Yang Resmi Di http://jual-sewa-tuyul.blogspot.com/ Silahkan
Buktikan Sendiri Karna Saya Sudah Membuktikannya,
Paranormal Ampuh [--], 4 Oct 2023, 14:15 reply
|
|
|
207107
