FBML Injection on Facebook Stream Attachments
As you might already know, on Facebook, we can insert some certain media attachment like image, video/flash or mp3 audio through our own application. The attachment is an array of structured data that defines the post. To understand how to post what kind of attachment we would like to post, we need to understand about Facebook Stream Attachments. You can read more about the detail on their page. Here, we are discussing the issue on one of its parameters named “name”.
You can use this Stream Attachments through :
As i said above before, here we’re gonna try to use the ‘name’ parameter on the attachment to add an FBML Injection to our post. This trick found by some of our brothers and sisters on balikita, inspired by a tag button then Roy Castillo use fb:lives-tream, then tweaked more by some other forum members. Let’s assume that you have already known about how to insert the attachment, you can insert some FBML codes inside the parameter like :
- fb:captcha
- fb:live-stream
- fb:editor-textarea
- fb:editor-button
- fb:editor-date
- and many more
You can try to insert those FBML tag using our Facebook Bold Text, simply put those FBML codes inside the ‘Message’ Box, there’s also a preview button. You can find more about FBML tag on this page : http://developers.facebook.com/docs/reference/fbml/ try it, who knows you will find another way to insert XSS vector using this trick 
Below is the preview of the fb:livestream inside the ‘name’ parameter :
http://www.facebook.com/official.profile/posts/189641377770440
Screenshot :
I’m using the trick to show visitor profile picture on newsfeed, try it yourself on your wall by clicking this link :
http://apps.facebook.com/bold-text/?blessedfriend
Happy tweaking 
August 24th, 2011 at 3:33 am
OMG its been long time i haven’t visited your blog, so many tricks now, i like this trick, can i diajarin bang joy?hehe
August 24th, 2011 at 1:20 pm
very nice bro,
but i dont get to make such an application. i only used live stream code.
August 24th, 2011 at 2:54 pm
Hi, Cool how is this done can you let us know can i have the files i am just learning to create apps Thanx
August 25th, 2011 at 3:56 am
I can’t create Facebook Bold Text like you have made. Please tell me how to do it?
August 25th, 2011 at 8:51 am
Thank you bro Joy!
August 25th, 2011 at 11:27 am
salamat
August 25th, 2011 at 10:28 pm
hello ,there … you work is awesome and very interested
do you share your knowledage about it ,,meaing can you give tips on you develop this kind of appication … by the way ,i’m a programmer
August 26th, 2011 at 9:28 pm
hey bro nice application can u share us file i want to learn and create application like this thanks
August 31st, 2011 at 3:26 am
i am nt able to use ur visitor profile
August 31st, 2011 at 3:27 am
i am nt able to use the profile picture trick