XSS On Friendster

Posted by: Joy  :  Category: Vulnerability

Recently, many Friendster users have left and moved to Facebook. That's probably because Facebook offers more ease of use and interactivity than Friendster: many cool games, chat, useful applications, etc. Friendster seems to be following Facebook now, trying to add everything Facebook has to their own pages. They even tried to give us a chat facility like the one on Facebook, but it has not been implemented yet. There are some more things Friendster is copying; you can see it in their activity stream, link sharer, etc.

OK, let's go straight to the topic: I accidentally found another XSS vulnerability, "again", in one of their files, named sharer.php. It doesn't sanitize its parameters correctly.

Read more…

Get Access To Friendster Private Photos

Posted by: Joy  :  Category: Miscellaneous Trick

Recently, in 2010, the previous trick for viewing Friendster private photos stopped working, as Friendster has added an authorization code as a parameter on their request page. Now we need a slightly more complicated way to get access to Friendster private photos.

We have to make the target view a page with a hidden iframe containing our evil script to make it work. Actually, it's merely an automated form that gets us invited by the target to see their private photos. When the target sees the page, they won't realize that they have actually invited us to see their private photos. OK, let's start; kindly follow this step-by-step tutorial:
1. Go to the target's profile
2. Copy and paste this JavaScript into the address bar:
Read more…

XSS Widget Update

Posted by: Joy  :  Category: Linker

App Name : Classified
Status : Active
Platform : v1
Last Update : November 12, 2009
Credits : Switangell, The Cradle & Forum Balikita

We’re not sharing the widget here directly, you can get the info about it on our forums.

Kindly proceed here :
Read more…

Latest XSS Widget

Posted by: Joy  :  Category: Linker

Cute Pink Girl
Shared by: switpotato
Created: July 2009
Status : Filtered (August 2009)

Here's another Friendster widget that can serve as a vessel to inject your Cross-site Scripting (XSS) vector into your profile. Just follow the instructions carefully.

Read more…