An interesting find made by John Hackenger surfaced today. For those of you familiar with MySpace, you’ll know that it uses ‘Bulletins’ to send a single message to multiple friends in your list.
Because the message is sent only to the people you have authorized to be on your list, sometimes you get a feel of safety that will make you post information that otherwise you would not want available on the Internet.
What if this information wasn’t private and could be available to everyone?
Because the messages are numeric and sequential at the URL, you can easily get information out of those bulletins.
John Hackenger explains his finding with a complete post of the information.
As you can see, he coded a little application in C to make the whole process simpler – needs some work with the syntax errors.
Recent in Privacy:
- Web-Sorrow v1.48 – Version Detection, CMS Identification, Enumeration & Server Scanning Tool
- Yahoo! Voices Hacked With SQL Injection – Passwords In Plaintext
- creepy – A Geolocation Information Aggregator AKA OSINT Tool
- Another 0-day MySpace XSS Exploit
- MySpace Hackers in Police Custody
- Teen Data Exposed on Myspace
Most Read in Privacy:
- Browse Anonymously at Work or School – Bypass Firewall & Proxy - 172,500 views
- Hacking Still Can’t Outdo Stupidity for Data Leaks - 124,249 views
- Anonymous Connections Over the Internet – Using Socks Chains Proxy Proxies - 119,480 views