Quoted post:
Why can't you get rid of the popup function? Is that the only way the execution can be completed?
So far, yes....
Unless I can find or manipulate my way into an XSS [cross-site scripting] hole existing in the main profile page...
There's about 1.5 hours in coding just to get the rest of the request hidden.
It's all silent sockets other than the first popup, and then it reparses the original blogs page, removes the second swf file and writes it back to the screen...
There used to be tons of holes all over; now I only know of 3, all of which are way away from the main profile page... and one isn't authentic, as I have to make a POST request just for it to exist.
The silent sockets used are AJAX objects; AJAX sockets cannot go across a domain. I.e.:
The XSS hole is in blog.mySpace.com, so I have to make sure every request is made to blog.mySpace.com...
I basically got lucky with the fact that blog.mySpace.com carries the mail.sendmessage function...
If I could find another hole in the mail section, I could also automatically delete the message they send, so it would be more undetectable.
The blog.mySpace.com does not carry the mail.trashmail functions so that part was a no-go.
There are several elements to consider in this.
Finding an XSS hole
Setting up a dynamic way to use that hole.
Making requests from the parent URL silently.
Keeping it somewhat unrecognized.
Splitting and reparsing data.
Using Flash to make the initial XSS hole appear on their screen (hence the pop to blog.myspace.com/myidy0)
It used to be so much easier before Tom lol@my penix.