How Myspace.com Passwords are Stolen

Tuesday, March 20, 2007

This is a step-by-step article that includes source code and files for the most common method used to steal myspace.com accounts. Learn the signs so that you do not fall victim.

Myspace.com has obviously become quite the phenomenon, and many people have reported that they have lost control over their accounts or had their accounts stolen. Many wonder how this can happen. Well, it is actually quite simple and could be avoided if myspace.com got rid of the embed tag that they use.

First you will need to obtain the files. You can find them here: http://rapidshare.de/files/13724658/MySpac...r-WDYL.zip.html


Part 1 - Configuring redirect.fla (the attacker needs Shockwave Flash)

1) The attacker changes "name_of_cookie" to a unique name. The cookie is used to prevent the same person from constantly getting the login screen.
2) Then the attacker changes "http://some_server_here.com/" to a server which will store the fake MySpace login screen, called "index.htm".
3) The attacker then outputs and saves the Shockwave movie.
4) Then the attacker uploads the Shockwave movie to a server, usually a free host or a server that has been previously hijacked.

Part 2 - The fake MySpace login screen

1) The attacker uploads index.htm to the server that was set in the Shockwave movie earlier, and uploads save.php to the same location.

Part 3 - The attack

1) The attacker posts a comment on MySpace, using an embed tag to embed the Shockwave movie.
2) The passwords should slowly build in "out.txt" ... unless the read/write chmods weren't set correctly.
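
The whole chain depends on the comment form accepting an embed tag, which is the mitigation named at the top of this article. The following is an added example, not code from the original article or from MySpace: an allowlist sanitizer for comment HTML that strips embed and other active-content tags. The tag policy, the name `sanitize_comment` and the sample host are assumptions made for illustration.

```python
from html import escape
from html.parser import HTMLParser

# Assumed policy for this example: comments may contain only these tags.
ALLOWED_TAGS = {"a", "b", "i", "u", "p", "br"}
# Active-content containers: removed together with everything nested inside.
DROP_SUBTREE = {"object", "applet", "iframe", "script", "style"}

class CommentSanitizer(HTMLParser):
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out = []        # sanitized output fragments
        self.removed = []    # names of stripped tags, useful for abuse logging
        self.drop_depth = 0  # > 0 while inside a dropped subtree

    def handle_starttag(self, tag, attrs):
        if tag not in ALLOWED_TAGS:       # covers <embed>, which has no content
            self.removed.append(tag)
            if tag in DROP_SUBTREE:
                self.drop_depth += 1
            return
        if self.drop_depth:
            return
        attr = ""
        if tag == "a":  # keep only http(s) links; every other attribute is dropped
            href = dict(attrs).get("href") or ""
            if href.lower().startswith(("http://", "https://")):
                attr = ' href="%s" rel="nofollow"' % escape(href, quote=True)
        self.out.append("<%s%s>" % (tag, attr))

    def handle_endtag(self, tag):
        if tag in DROP_SUBTREE:
            self.drop_depth = max(0, self.drop_depth - 1)
        elif tag in ALLOWED_TAGS and tag != "br" and not self.drop_depth:
            self.out.append("</%s>" % tag)

    def handle_data(self, data):
        if not self.drop_depth:
            self.out.append(escape(data))  # text is always re-escaped

def sanitize_comment(html_text):
    """Return (clean_html, removed_tags) for one user-submitted comment."""
    parser = CommentSanitizer()
    parser.feed(html_text)
    parser.close()
    return "".join(parser.out), parser.removed

# Constructed sample comment; the hosts are placeholders, not from the article.
SAMPLE = ('Nice page! <b>Add me</b><embed src="http://host.example/movie.swf">'
          ' <a href="http://www.example.com/">my site</a>')
```

Because only allowlisted tags are ever written to the output, a tag the policy did not anticipate is stripped by default, and the `removed` list gives the site a signal for flagging comments that tried to embed active content.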

The fake login screen looks like this:


Month of MySpace bugs coming?


With equal doses of satire and self-denigration, two anonymous hackers announced a plan last week to make April a month of daily MySpace vulnerability disclosures.

The duo--who use the online names "Mondo Armando" and "Müstaschio"--outlined the plan to release daily flaws in MySpace's online social networking software on their Web site, while poking fun at the whole Month of Bugs phenomenon. Calling the effort MOMBY for "Month of MySpace Bugs, Yuss," the two hackers stated that the effort is less motivated by security concerns and more designed to head off thoughts of any future Month of Bugs projects.

"If it ends up being just as lame as the Month of Apple Bugs, then we haven't really missed the mark," wrote "Mondo Armando" on the site. "If it's funnier, then great. If it kills this Month of Whatever fad, then hurray for everyone, it's over."

The effort, if indeed it happens, will be the fifth Month of Bugs in the last year. In July, security researcher HD Moore started the trend with a Month of Browser Bugs; in November came the Month of Kernel Bugs, followed by the Month of Apple Bugs in January and the Month of PHP Bugs in March.

Besieged MySpace has become a popular target for security researchers and malicious coders. Two Web worms have infected users of the social-networking site: The Samy worm spread quickly in October 2005 and the Quickspace worm wended through the company's servers last December. MySpace has also come under fire over fears that sexual predators are using the site to find young victims online and has irked security researchers with some of its aggressive tactics.

The Month of MySpace Bugs will focus on relatively easy to find cross-site scripting (XSS) vulnerabilities, the hackers said. XSS flaws were by far the most common software vulnerability found in 2006.