About a month a go, when i was too busy with my daily activites on the real life, i didnt realize that one of our mods on Forum Balikita named H4×0r-x0x found one again on twitter, i’m amazed, good job dude. If i’m not mistaken the vulnerability left on twitter oauth application module, especially on application name
The word private here means that facebook photos/album belong to those profile that are not listed on our friendslist but the privacy setting is set to everyone and the photos tab is hidden. Using this trick below we can reveal the album links. OK, lets try it using my profile as an example :
- Login your facebook account
- Go to this profile
(make sure it’s not on your friendlist)
as you can see there’s no photos tab available to click
- Put this code on the addressbar, then press enter :
Read more…
Status : Active
Multiply is a social networking service with an emphasis on allowing users to share media - such as photos, videos and blog entries - with their “real-world” network. The website was launched in March 2004 and is privately held with backing by VantagePoint Venture Partners, Point Judith Capital, Transcosmos, and private investors. Multiply has over 11 million registered users. The company is headquarterd in Boca Raton, Florida.
Multiply is also known for stronger user security than most social networking sites. Users can limit if their item can be viewed by setting security settings to Public, Private (network only), or Private (invite only) for each item on their site.
Status : Active
Tagged is the 3rd largest social network in the US, and has over 80 million members worldwide. Lately i have also found a hole to insert XSS vector on their profile page. You can see it live on this page








Media-Box