June 02, 2010
Facebook Visitor Info
Here i go again, right now i’m gonna write a brief review to the social network application i made on last may 2010. As it shows users their own private information such as basic info, birthday, address, mobile number, ip address, email and website, etc, i call it Facebook Visitor Info.
Screenshot :
Yet, this application still needs users interaction to click the big button to load the ajax module to fetch their private data. If you are good enough to see inside, you can find some interesting stuff on the application. You can learn how the data being stolen from facebook private pages and how to break the Cross-Domain Security protection against Cross-Site Scripting. As usual, i’m not gonna tell you the details here, let you guys all find it by yourself, and when you see what i have done there, you can create your own tweak and please use it wisely, dont ever use it to attack people’s pages 
Here is the URL of the application :
http://apps.facebook.com/visitor-info
Media-Box
June 4th, 2010 at 2:03 AM
jadi ini kayak tab INFO gitu ya om joy?
June 7th, 2010 at 5:50 AM
@zaynul
haha.. that’s ok dul.. gratis ini dah, paling repot add2 tmen2 lg
@aa
kurang lebih untuk nampilin yg liat itu tab, kaya visitor boxnya fs dulu
emang diambil dr tab infonya si pemilik
June 8th, 2010 at 6:54 AM
wahaha i think get more sajen kali dulz
June 14th, 2010 at 11:42 PM
salut gw ma om joy..
oprekanya slalu joss…
Di Tunggu Apps Windows Alertnya om xixii..
June 15th, 2010 at 4:12 PM
Nice tutorials and very useful bro joy,i like it…:D
July 4th, 2010 at 4:29 PM
wakakkak .. cuma bisa ketawa saya
July 6th, 2010 at 7:23 PM
Hey, it’s not working right now
i tried both IE and firefox
and the “Please wait processing request” take forever
Please fix it. Thanks.
July 7th, 2010 at 4:45 AM
@ h4×0r & ryan
thx bro, lama ga ngoprek2 lg xor, nanti klo dpt waktu senggang lg he..
btw, nice job bro xss twitternya =))
@ rangasdengklok
knp bro? mgkin bro kira ni app cm hoax ya? he..
mgkin krn bro ga pernah liat saat apps ini msh bekerja
skrg dah ga jalan coz xss hole yg dipakai di situ sudah dipatch
@james
sorry for that
the method to fetch users private data has been filtered already lolz.. they have patched the xss hole we’re using here..
this aint working anymore
i’ll try to fix that later when i have more time
really bussy on the real life recently.
thx all for commin
August 22nd, 2010 at 8:28 PM
Ini apaan ya mas?
August 31st, 2010 at 5:12 AM
facebook visitor info ini untuk menampilkan informasi dari pengunjung profile facebook kita, tp sayang modulnya sudah difilter oleh facebook, karena kita menggunakan xss dari facebook application page, dan mereka sadar akan hal ini, jadi sudah tidak bisa jalan lagi