Ngoprek Web » Hacking

FakeYourSpace in trouble

Eris Ristemena — Tue, 27 Feb 2007 02:54:16 +0000

Remember FakeYourSpace.com? a site that provides fake hot friends on popular social networking sites such as MySpace or Friendster. I mentioned about this a while ago.

It turned out that they’re doing very well. According to New York Times, FakeYourSpace attracted 50,000 hits a day. Until they’re facing trouble with iStockPhoto, the source where it gets the photograph of the models for fake friends.

Kelly Thompson, iStockPhotoâ€™s vice president for marketing, said its licensing agreement did not allow Web sites to post photos that might lead the average person to â€œthink that the model endorsesâ€ the product, Web site or person in question.

FakeYourSpace have to shut down their service until later this week because of that.

Yeah, that’s what happend when you’re trying to fake something. Maybe, they have to consider to create fake photos service as well. A mashup from some photos, something like Yahoo! avatar with real faces.

;-p

Hacking Reputation

Eris Ristemena — Sat, 09 Dec 2006 03:20:38 +0000

I finally have to admit it, i know next to nothing about MySpace, Facebook or Friendster. I don’t use them, let alone have friends there. But i do know that they are social networking sites, and — to some extent– people’s reputation are based on their popularity on these community.

For that reason, i couldn’t care less when some people try to fake their popularity on social networking sites to gain “reputation”. But this site is too much,

FakeYourSpace is an exciting new service that enables normal everyday people like me and you to have Hot friends on popular social networking sites such as MySpace and FaceBook. Not only will you be able to see these Gorgeous friends on your friends list, but FakeYourSpace enables you to create customized messages and comments for our Models to leave you on your comment wall. FakeYourSpace makes it easy for any regular person to make it seem like they have a Model for a friend. It doesn’t stop there however. Maybe you want to appear as if you have a Model for a lover. FakeYourSpace can make this happen!

I don’t know about you, but having “hot friends” on internet doesn’t do any good to my reputation. But to be able to hack reputation on social network sites surely some reputation to me.

What’s next? Sites that offer services to clarify reputation? or new algorithm for detecting fake friends on social network?

Finally, Google Blog Search Pinging Service. Try mine

Eris Ristemena — Fri, 06 Oct 2006 13:14:07 +0000

After my blogs suddenly dissapeared from technorati, i found new way to promote this nice blogs of mine using Google Blog Search. Horeey.

Today, Google official blogs announced about Google Blog Search Pinging Service. After about 15 minutes studying its API, i finally sat down and write it out using PHP.

So here you go, i used my old NuSoap to send xml-rpc to Google blog search. Try it out yourself.

You can also see the source here.

By the way, can anyone tell me what in Google earth is wrong with my technorati?????

Possible Vulnerability in Firefox Reported at Toorcon is a Joke

Eris Ristemena — Wed, 04 Oct 2006 19:31:04 +0000

Apparently i’m not the only one who likes joking around with firefox. Mischa Spiegelmock, one of the Torcoon speaker had just clarified that he was joking about Firefox’s vulnerability in his speech.

The main purpose of our talk was to be humorous.

As part of our talk we mentioned that there was a previously known Firefox vulnerability that could result in a stack overflow ending up in remote code execution. However, the code we presented did not in fact do this, and I personally have not gotten it to result in code execution, nor do I know of anyone who has.

I have not succeeded in making this code do anything more than cause a crash and eat up system resources, and I certainly haven’t used it to take over anyone else’s computer and execute arbitrary code.

I do not have 30 undisclosed Firefox vulnerabilities, nor did I ever make this claim. I have no undisclosed Firefox vulnerabilities. The person who was speaking with me made this claim, and I honestly have no idea if he has them or not.

I apologize to everyone involved, and I hope I have made everything as clear as possible.

Well, i think he made Firefox developer teams nuts chasing the imaginary bugs. That’s the good thing, it shows us that Firefox wouldn’t let any bugger boys strike their asses.

Go go firefox.

Tags: Joke

Fooling Proxy

Eris Ristemena — Mon, 02 Oct 2006 16:22:04 +0000

My friend asked me how to bypass proxy in his office. Well, why bypass, why not trying to fool the proxy. After 20 minutes searching and hacking, i finally got it. So here you go.

My Amazing Picture

Eris Ristemena — Sat, 30 Sep 2006 21:58:54 +0000

I always found myself amazed looking at this picture. Somehow by looking my place from this high make me feel so close to God. Realizing how small i am.

Thanks to Google Maps for showing me this.

Firefox + CSS Hack : I Know Where You’ve been

Eris Ristemena — Sat, 30 Sep 2006 10:52:36 +0000

Basic behaviour of any web browser will mark visited link using distinct color. CSS helps us to change this visited link color into any color to match web site theme.

Well, that behaviour will be an advantage for people who wants to steal your browser history. Yeah, you got that, by detecting link color. I will show you how to do that in Mozilla Firefox. This short of hack is taken from Jeremiah Grossman blog with some changes i made.

First, we need to mark visited link with our own distinct color, for that we’ll use CSS,

Now, any visited link will be marked in white.

Next, since this hack only works for mozila firefox, we need to detect user’s browser using this simple javascript,

var agent = navigator.userAgent.toLowerCase();
var is_mozilla = (agent.indexOf("mozilla") != -1);

Create an array of popular websites that your visitor might have been visited as shown below. You can add more to the list if you like.

var websites = [
   "http://www.ngoprekweb.com/",
   "http://digg.com/",
   "http://login.yahoo.com/",
   "http://mail.google.com/",
   "http://mail.yahoo.com/",
   "http://reddit.com/",
   "http://www.amazon.com/",
   "http://www.blogger.com/",
   "http://www.bloglines.com/",
   "http://www.google.com/",
   "http://www.microsoft.com/",
];

Finally, loop through our website list above and create a fake anchor element to detect whether it has color that match our visited link color before, then print it out if they match.

   for (var i = 0; i < websites.length; i++) {
      var link = document.createElement("a");
      link.id = "id" + i;
      link.href = websites[i];
      link.innerHTML = websites[i];
      document.body.appendChild(link);
      var color = document.defaultView.getComputedStyle(link,null).getPropertyValue("color");
      document.body.removeChild(link);       

      // check for visited
      if (color == "rgb(255, 255, 255)") {
        document.write('' + websites[i] + '
');
      }
   }

That’s it. Now you can show your user where he/she has been. Usually you also need to prevent multiple XSS loads. And with additional AJAX you can also send this information back to your server. Ooops.

You can try this out by clicking here. Don’t worry, i won’t save any of your browser history.

Now, this is my complete source,


  
    Steal History

Google to bypass Proxy

Eris Ristemena — Thu, 28 Sep 2006 01:52:00 +0000

For you who live behind proxy, and can not access some website, maybe this old tips can help you out. Just put your destination url in google language tools.

For example, if you want to access http://cleanpick.blogspot.com, and your proxy doesn’t allow you to do it (daah…), just use this url:

http://translate.google.com/translate?u=http://cleanpick.blogspot.com&langpair=en|en

See, your proxy would assume you’re accessing google.

Ok, another example here, if you want to access yahoo.com, just try this out:

http://translate.google.com/translate?u=http://www.yahoo.com&langpair=en|en

Have a nice try.

Add islamic Link to your blog

Eris Ristemena — Tue, 26 Sep 2006 00:37:00 +0000

In the spirit of Ramadhan, i’d like to share how to add islamic links to your blogs. For now, i will show you how to grab links from two sites : khilafah.com and hizbut-tahrir.or.id

Link from Khilafah.com

If you want to add link from khilafah.com, all you need to do is copy the following code into your own blogs,

For KCom News:

For KCom Journal:

For KCom Magazine:

Link from Hizbut-tahrir.or.id

If you want to add link from Hizbut-tahrir.or.id, all you need to do is copy the following code into your own blogs,

For Buletin Dakwah Al Islam:

For Majalah Al Waie:

For Hizbut Tahrir Indonesia Headline:

An App A Day

Eris Ristemena — Sun, 24 Sep 2006 08:13:00 +0000

Paul Graham mentioned in his essay that if you ask a good hacker how good he is, he might replay “i don’t know”. He’s not being modest, he really doesn’t know. But i think it’s not a bad idea to test your skill of coding and find out how good you are. How about if you challenge yourself to make a new application every day?

Well, that might sound hard to do. But not really. At least not for her. So this blog goes to anappaday.com.

Don’t worry, you haven’t miss anything. By the time i write this, she is in 10th day of 30 working days she planned. You can also chat with her while she’s working on an app.