funsec mailing list archives
Interesting Facebook news feed item from application
From: Juha-Matti Laurio <juha-matti.laurio () netti fi>
Date: Sat, 29 Mar 2008 11:43:35 +0200 (EET)
This item just appeared to my Facebook news feed: "Firstname Lastname rused http://www.facebook.com/s.php?k=100000080&id=701079xxx(new Image()).src = '/ajax/ct.php?app_id=17801732384&action_type=3&post_form_id=87c660052ab8b7313d9281a5540eaxxx&position=4&' + Math.random();ft('4:1:169:525460988:5:::::296700103:1:17801732384:::0:535339866:', '1206790078:cddb217a8d3575dd5f2af8b459c0axxx', 'clk');return true;'Firstname Lastname'! http://www.facebook.com/s.php?k=100000080&id=507167xxxnew Image()).src = '/ajax/ct.php?app_id=17801732384&action_type=3&post_form_id=87c660052ab8b7313d9281a5540eaxxx&position=4&' + Math.random();ft('4:1:169:525460988:5:::::296700103:1:17801732384:::0:535339866:', '1206790078:cddb217a8d3575dd5f2af8b459c0axxx', 'clk');return true;Firstname was just beaten down by Firstname's Valiant Slayer!" Real names changed to 'Firstname Lastname' and some strings modified with 'xxx' to prevent disclosing profile id's. This item comes from Slayers application http://www.facebook.com/apps/application.php?id=17801732384 Browser: FF2.0.0.13 Juha-Matti _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Interesting Facebook news feed item from application Juha-Matti Laurio (Mar 29)