March 11, 2010
Posted by: Joy | Category: Miscellaneous Trick

Recently, in 2010, the previous trick for viewing Friendster private photos stopped working, as Friendster has added an authorization code as a parameter on their request page. Now we need a slightly more complicated way to get access to Friendster private photos.
We have to make the target view a page with a hidden iframe containing our evil script for it to work. Actually, it's merely an automated form to get invited by the target to see their private photos. When the target sees the page, they won't realize that they have actually invited us to see their private photos. OK, let's start; kindly follow this step-by-step tutorial:
1. Go to the target's profile
2. Copy and paste this JavaScript into the address bar:
Read more…
March 09, 2010
Posted by: Joy | Category: Miscellaneous Trick

The word private here means Facebook photos/albums belonging to profiles that are not on our friends list, where the privacy setting is set to everyone but the photos tab is hidden. Using the trick below we can reveal the album links. OK, let's try it using my profile as an example:
- Log in to your Facebook account
- Go to this profile (make sure it's not on your friends list); as you can see, there's no photos tab available to click
- Put this code in the address bar, then press Enter:
Read more…
March 02, 2010
Posted by: Joy | Category: Vulnerability
Status: Active
Multiply is a social networking service with an emphasis on allowing users to share media (such as photos, videos and blog entries) with their "real-world" network. The website was launched in March 2004 and is privately held with backing by VantagePoint Venture Partners, Point Judith Capital, Transcosmos, and private investors. Multiply has over 11 million registered users. The company is headquartered in Boca Raton, Florida.
Multiply is also known for stronger user security than most social networking sites. Users can limit who can view each item on their site by setting its security setting to Public, Private (network only), or Private (invite only).
Read more…
March 02, 2010
Posted by: Joy | Category: Vulnerability
Status: Active
Tagged is the 3rd largest social network in the US, and has over 80 million members worldwide. Lately I have also found a hole to insert an XSS vector on their profile page. You can see it live on this page.
Read more…
February 14, 2010
Posted by: Joy | Category: Vulnerability
Status: Active, Partially Patched (> March 2010)
As the slogan of this blog says, there's always a crack in everything, that's how the light gets in. Yes, it's true: even on Facebook, there are some holes left. The secret lies behind their application module. Around last November, 2009, holes for tweaking Facebook were found when I was looking for bugs, and the XSS at first worked only on IE and old Fx browsers.
Read more…