~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[+]Title : FaceBook Like Cross Site Scripting
[+]Auther : Bl4ck.Viper [Turkish Hacker]
[+]Email : Bl4ck.Viper@gmail.com
[+]Date : 04/07/2011
[+]D0rk : inurl:"facebook/like.php?id"
[+]Home : www.skote-vahshat.com
[+]MyArchive : www.xpl.skote-vahshat.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
This is a simple java script code for test ...
now we inject simple code in to "I LIKE" Field & Click on "CREATE"
button and see result !!!
yes we alert displayed ... your code save into database
& you can copy link and send to body for hijacking ...
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Spc TNX :
OF All my friends.
TBH Team And All Iranian & Turkish Hackerz
Yashasin Benim Ana Yurdum
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~