WebApp Sec mailing list archives

RE: myspace hack

From: "Griffiths, Ian" <Ian.Griffiths () liv-coll ac uk>
Date: Thu, 13 Oct 2005 15:01:45 +0100

This is not what I gathered from the written account, he's penned it as
some sort of multi-layered, nested approach to having friends.  I'll be
far less impressed if it transpires that its just a regular loop in any
old scripting language with a wget in the middle....

-----Original Message-----
From: Chris Varenhorst [mailto:varenc () MIT EDU] 
Sent: 13 October 2005 14:31
To: Akash
Cc: webappsec () securityfocus com
Subject: Re: myspace hack

This isn't hacking at all. (at least not what I'd call it)
This is writing a script to go through myspace IDs (which happen to be
squential) issuing friend requests to every one of them.  To prevent
this, now myspace limits friend requests to a certain number per day.
Hope that covers it!

-Chris

On Thu, 13 Oct 2005, Akash wrote:

Does anyone has more technical details about how 1 million accounts

got hacked in about 24 hours.

This is the supposed confession of the hacker http://fast.info/myspace/

I currently studying for CEH and just finished reading about XSS. So
this is of special interest.

regards

akash

Current thread:

myspace hack Akash (Oct 13)
- Re: myspace hack Stephen de Vries (Oct 13)
- Re: myspace hack Chris Varenhorst (Oct 13)
  - Re: myspace hack Chris Varenhorst (Oct 13)
- <Possible follow-ups>
- RE: myspace hack Griffiths, Ian (Oct 13)
  - Re: myspace hack rSYN (Oct 13)
- RE: myspace hack Reynolds, Jake (Oct 14)
  - Re: myspace hack Stephen de Vries (Oct 14)
  - RE: myspace hack Radoslav Vasilev (Oct 14)
  - RE: myspace hack Andrew Chong (Oct 14)
    - Re: myspace hack Stephen de Vries (Oct 14)
  - Re: myspace hack Tim Brown (Oct 14)
    - Re: myspace hack bugtraq (Oct 14)
    - Re: myspace hack Tom Gallagher (Oct 14)
    - Re: myspace hack Disco Jonny (Oct 14)

(Thread continues...)