Categories

Recent Posts

Recent Comments

Recent Search

June 02, 2010

Facebook Visitor Info

Posted by: Joy  :  Category: Facebook Tips
Facebook Visitor Log Here i go again, right now i’m gonna write a brief review to the social network application i made on last may 2010. As it shows users their own private information such as basic info, birthday, address, mobile number, ip address, email and website, etc, i call it Facebook Visitor Info.

Screenshot :

Facebook Visitor Info Thumbs

Yet, this application still needs users interaction to click the big button to load the ajax module to fetch their private data. If you are good enough to see inside, you can find some interesting stuff on the application. You can learn how the data being stolen from facebook private pages and how to break the Cross-Domain Security protection against Cross-Site Scripting. As usual, i’m not gonna tell you the details here, let you guys all find it by yourself, and when you see what i have done there, you can create your own tweak and please use it wisely, dont ever use it to attack people’s pages ;)

Here is the URL of the application :
http://apps.facebook.com/visitor-info

Incoming search terms:

31 Responses to “Facebook Visitor Info”

  1. 1
    kiriman besek Says:
    June 2nd, 2010 at 12:57 pm

    nice post ..and if really filtered by admin hahha..i think your FB profile get more problem hahah =))

  2. 2
    AaEzha Says:
    June 3rd, 2010 at 7:03 pm

    jadi ini kayak tab INFO gitu ya om joy?

  3. 3
    Joy Says:
    June 6th, 2010 at 10:50 pm

    @zaynul
    haha.. that’s ok dul.. gratis ini dah, paling repot add2 tmen2 lg

    @aa
    kurang lebih untuk nampilin yg liat itu tab, kaya visitor boxnya fs dulu
    emang diambil dr tab infonya si pemilik

  4. 4
    kiriman besek Says:
    June 7th, 2010 at 11:56 pm

    wahaha i think get more sajen kali dulz

  5. 5
    H4×0r Says:
    June 14th, 2010 at 4:42 pm

    salut gw ma om joy..
    oprekanya slalu joss…
    Di Tunggu Apps Windows Alertnya om xixii..

  6. 6
    Rchymera|Blog™ Says:
    June 15th, 2010 at 9:12 am

    Nice tutorials and very useful bro joy,i like it…:D

  7. 7
    James Says:
    July 6th, 2010 at 12:23 am

    Hey, it’s not working right now :(
    i tried both IE and firefox
    and the “Please wait processing request” take forever

    Please fix it. Thanks.

  8. 8
    rangasdengklok Says:
    July 6th, 2010 at 9:29 am

    wakakkak .. cuma bisa ketawa saya

  9. 9
    Joy Says:
    July 6th, 2010 at 9:45 pm

    @ h4×0r & ryan
    thx bro, lama ga ngoprek2 lg xor, nanti klo dpt waktu senggang lg he..
    btw, nice job bro xss twitternya =))

    @ rangasdengklok
    knp bro? mgkin bro kira ni app cm hoax ya? he..
    mgkin krn bro ga pernah liat saat apps ini msh bekerja
    skrg dah ga jalan coz xss hole yg dipakai di situ sudah dipatch ;)

    @james
    the method to fetch users private data has been filtered already lolz.. they have patched the xss hole we’re using here.. :D
    this aint working anymore :) sorry for that
    i’ll try to fix that later when i have more time
    really bussy on the real life recently.

    thx all for commin

  10. 10
    RSeptian Says:
    August 22nd, 2010 at 1:28 am

    Ini apaan ya mas?

  11. 11
    Joy Says:
    August 30th, 2010 at 10:04 pm

    facebook visitor info ini untuk menampilkan informasi dari pengunjung profile facebook kita, tp sayang modulnya sudah difilter oleh facebook, karena kita menggunakan xss dari facebook application page, dan mereka sadar akan hal ini, jadi sudah tidak bisa jalan lagi :D

  12. 12
    sarah-crizelle Says:
    October 15th, 2010 at 11:32 am

    even this application is not working :(

  13. 13
    miyaka Says:
    October 20th, 2010 at 2:13 am

    not working ad of oct.19,200

  14. 14
    icy Says:
    October 20th, 2010 at 2:15 am

    lol its not working …http://apps.facebook.com/visitor-info fb migt have blocked it .

  15. 15
    Joy Says:
    October 22nd, 2010 at 12:29 am

    @all
    this aint working anymore as i posted above, sorry for posting it in bahasa..
    we used fan pages xss vulnerability to insert hidden iframe on the application, but unfortunalety, it’s been patched already

  16. 16
    SkyNet Says:
    April 12th, 2011 at 1:13 pm

    gan cm satu pertnyaan saya, knp tutorial anda pke bhsa inggris?? sdangkan anda orng indonesia kan?? ok thx gt aja

  17. 17
    Joy Says:
    April 13th, 2011 at 8:59 pm

    @SkyNet
    dr awal blog ini dibuat kebanyakan share xss untuk layout2 website social network. dan pengunjungnya bkn hanya dari indonesia, dulu jaman friendster berjaya dari malaysia dan philipine jg bnyak yang berkunjung, supaya lebih ngena, ya pk bhasa inggris skaian, begitu krg lebih alasannya bro :D . terima kasih suah mampir :)

  18. 18
    SkyNet Says:
    April 16th, 2011 at 11:52 pm

    ohh gt ya gan, brrti udh ckup terkenal jg yah web anda. smoga sukses aja ya gan, tips trik nya brmaanfaat smua. tp mnrut sya bnyak yg show off jg dngan trik inject layout fb itu, kira2 bkal di patch ma pihak fb gk tuh? trs mank nya cra itu ilegal apa gk mnrut fb? sori yah klo prtnyaan nya pnjng. hehe

  19. 19
    Joy Says:
    April 18th, 2011 at 12:00 pm

    @SkyNet
    ga terkenal2 bgt, cm dikenal dikalangan layout maker dr jamannya friendster dulu, bnyak yg cari sumber xss untuk diinject di profile2 social network. gpp gan, pasti ilegal sebenernya, dr dulu juga begitu, biar dipatch nanti ada lagi pasti tmen2 yg laen nemuin hal2 aneh lainnya :D biar berkreasi terus cari2 celah :D makasih dah mampir gan :D

  20. 20
    SkyNet Says:
    April 18th, 2011 at 8:27 pm

    tp gan klo mnrut pndpat sya dlam ksus inject layout fb ini, lbih mndekati kpda di sebut deface profile fb. krna itu merubah seluruh tmpilan profile fb siapapun bkn hnya profile fb kita sndri, ya kn? bda dngan ksus fs yg hnya mrubah profile kita sndri. gmn klo pndpat bang joy sndri? tpi salut deh buat bang joy yg udh nemuin teknik injecting ini. hehe.. btw, hmpir stiap hri lho sya kunjungi blog ini, spa tw ada update terbaru. hehehee..

  21. 21
    Joy Says:
    April 19th, 2011 at 1:57 am

    yup, dulu juga saat di fs ada comment linker, untuk inject lewat comment. 11-12 mirip2 :D hanya saja dulu mungkin memang autoload, tanpa perlu click.. ok terima kasih bro sering mampir, belum sempet bkin artikel baru.. skynet.cx.ccnya jg keren, terus berkreasi bro :)

  22. 22
    SkyNet Says:
    April 19th, 2011 at 6:35 pm

    iya bro wktu jman fs lngsung auto load. hehe.. btw kpn nih gan update artikel brunya? emng klo blh tw lbi sbuk apa aj nih?? web sya msih pke domain gratis gan itu jg cm homepage wrnet aja. hehe.. thx gan.. oiya, sya udh add fb nya bang joy tp blom di confirm nih, klo bsa bang joy aja yah yg add fb sya?? nih gan fb link nya. http://www.facebook.com/skyneters

    thx sblum nya.. :)

  23. 23
    Joy Says:
    April 22nd, 2011 at 12:47 am

    oh iya bro, makasih yah.. lom da ide bkin postingan baru :D . oh iya lom buka2 fb lagi :D siap bro, ntar tak confirm.. :)

  24. 24
    SkyNet Says:
    April 24th, 2011 at 2:59 pm

    bro thx dh confirm fb sya. :)

    btw, anda admin di forum balikita yah?? keren gan forum nya, membernya jg jago2 smua di bidang hacking. hehe..

  25. 25
    Joy Says:
    April 24th, 2011 at 6:41 pm

    @SkyNet
    sama bro, saya kira dah di approve sebelumnya, yg “Arvans” itu :D
    saya member jg bro, sm ky yg laen, http://forum.balikita.net/profile.php?id=57 tuh kan tulisannya no one, “bukan siapa2″ :D
    saling ngisi aja, msg2 member punya kelebihan dan kekurangan klo bs saling ngisi jd bgs untuk semuanya ;)

  26. 26
    SkyNet Says:
    April 24th, 2011 at 9:09 pm

    kok tw bro fb asli sya yg nm nya arvans?? hehe..
    mksdnya confirm fb yg skynet gan. thx yah..

    gan, gmn tuh cara bkin jdi “no title” gt?? keren gan, lain drpd yg laen. hehe..

    oiya sya skalian mw nnya, gmn caranya sisipin kode tag body di layout fb?
    contoh sya mw sisipin kode ini gan
    gmn cranya?? sya udh nyoba tp gk bsa. thx atas jwban sblumnya. hehe..

  27. 27
    Joy Says:
    April 25th, 2011 at 10:29 am

    @SkyNet
    liat dr bola kristal bro :D
    wah g tau jg bro bs begitu, lupa.. he…
    kode gmn bro? kodenya ilang kena filter comment wp, cb pake < >

  28. 28
    SkyNet Says:
    April 25th, 2011 at 2:28 pm

    liat dri bola kristal gmn bro mksdnya?? sya gk ngerti. hehe..

    nih gan cntoh kode nya dh sya convert : <body onload="Menu();">

    oiya ada tools bwt decrypt html yg udh terencrypt gk bro? sori ya bro klo prtnyaan ane ribet. hehe..

  29. 29
    Joy Says:
    April 26th, 2011 at 8:18 am

    @SkyNet
    he..
    klo canvasnya iframe, msh bisa
    klo fbml ga bs bro, klo jd xss vulnerability di apps.facebook.com donk :D
    dulu emg bsa :D bahkan fb:redirect url=javascript: bs, tp skrg dah ga bisa..

  30. 30
    luckyalp Says:
    October 17th, 2011 at 4:37 pm

    kok tw bro fb asli sya yg nm nya arvans?? hehe..
    mksdnya confirm fb yg skynet gan. thx yah..

    gan, gmn tuh cara bkin jdi “no title” gt?? keren gan, lain drpd yg laen. hehe..

    oiya sya skalian mw nnya, gmn caranya sisipin kode tag body di layout fb?

  31. 31
    Mahendra Says:
    November 17th, 2011 at 2:18 pm

    I am not found facebook-visitor-info app?

Leave a Reply

Comment moderation is enabled. Your comment may take some time to appear.

Narsis Corner



    :: Link Me Back ::
    = With Image =
    !CrazyDavinci!

    = Link Only =
    :: Special Links ::

Media-Box

Web Hosting Services

    Hostgator Review BluehostReview JustHost Review InMotion Review HostMonster Review

Popular Search