Some of you might already know about this old methode to see friendster private photo. This is the weaknesses of php, we can use CSRF methode to get the access to people’s private photos. How?
OK, as you are already know, when we tried to see private album on friendster profile, we need to request first, and we wont be able to see the photos inside before we’re granted to see them by the owner. Using CSRF, we can get the permission easily, just follow this step :
- You must do the request thingy, proceed here :
http://www.friendster.com/privatephotos.php?uid=TARGET_UID - Write anything on the box, click send
- Next, send the automatic request through target comment, send comment contains this naughty code :
- Last, you just have to wait till the target see the comment page, you will get message telling that you have granted to see the photos
Note :
- This trick wont work if the target is on safe mode, so be safe guys, always set the safe mode on
- We should be aware that they make it private means they want to keep their privacy, this trick will only annoy the target, we share this just to tell you about the way CSRF works on friendster, you can try another trick like logout, or else.. ups.. hihi
0 komentar:
Posting Komentar