I'm not very good with hacking. I've just been learning for a while. I know you could used to have been able to post a re-direct comment to a ghost PHP hosted on you're account at geocites.
Join Date Aug Posts 2. Join Date Nov Posts 1. Join Date Nov Posts As far as i know it's almost impossible to "hack" into a myspace account.
The only way to get somebody's password is by fooling them into giving it to you. This is called social engineering and as i've already found out, it's more difficult than it seems You could send your victim an email saying there are items on thier profile that bretches copyright laws therefore thier profile will be removed unless they sort it out. The email will also contain a link to a "special" log-in page you've set up, so when they try to log-in their password will be sent to you.
Setting up a fake log-in is fairly easy, aslong as you know a bit of PHP. The only tricky part is the date-of-birth, although you can figure that by sleuthing on other social networking sites. Once you have obtained those three pieces of information, you can essentially break into any Myspace account.
Following responsible disclosure best practices, Galloway informed Myspace of the vulnerability in April of this month. The company sent an automated reply, but has otherwise failed to act. This inaction forced Galloway to take action into her hands, and she has publicly disclosed the vulnerability while it still exists. Myspace has a checkered record when it comes to security. Last year, the company confirmed the leakage of million user accounts.
Researchers believe this is one of the largest data breaches of all time. Update: Myspace got in touch. We take data security very seriously at Myspace. This article was originally published on The Next Web. Want more consumer news? Visit our parent organization, Consumer Reports , for the latest on scams, recalls, and other consumer issues. Part of. Welcome to the Consumerist Archives Thanks for visiting Consumerist. Related hack attacks.
The original URL now redirects to a different page. And if people want to recover old accounts, without the associated email address, have to fill out a different form. Also, Myspace Told Wired in a statement: "In response to some recent concerns raised regarding Myspace user account reactivation, we have enhanced our process by adding an additional verification step to avoid improper access.
We take data security very seriously at Myspace. We plan to continue to refine and improve this process over time. Get six of our favorite Motherboard stories every day by signing up for our newsletter. Sign In Create Account.
0コメント