rand lil h4x with inspect element

devknob

Oct 30, 2007
how to follow or unfollow alotta ppl on twitter w jquery - YouTube: http://www.youtube.com/watch?v=1ni7H7eXgxg

always inject jquery
https://chrome.google.com/webstore/category/apps?hl=en

you might need to exchange $ for jQuery
HTML:
jQuery('.class').click();
Inspect element on what you want to click, click the + in the top right corner of the inspector and copy what pops up or just grab the class name of the element you want to click.

You can get more advanced with a foreach loop like

HTML:
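$('selector').each(function(){
  var el = $(this); // keep a reference for the delayed callback
  //do shit
  // setTimeout needs a function; $(this).click() would fire immediately
  setTimeout(function(){ el.click(); }, 1000);
});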
This works on pinterest, wanelo[limited], svpply, [limited], not on facebook at all. Beyond clicking you could dream up a million things to do, find replace, brute force an ajax form etc. If you were so inclined you could make a custom chrome plugin as a lil toolbox of automating shit. I used to use sikuli for some of this stuff but inspect element is incredibly useful.

For instance, you used to be able to inject do-follow links into manta.com via the gender drop down box until they did a full redesign. You can change the links on paper.li to be dofollow but they are loaded dynamically and I'm pretty sure they are not indexed. Other times inspect element is useful for changing the maxlength value, removing client-side validation or just straight up injecting. Oftentimes developers won't clean checkboxes, radios, drop downs because they don't expect you to be changing up their html and may have some other fix for XSS. You'd be surprised the sites you can manipulate. Sometimes shitty coders will take a whole form and insert values into a database like this

PHP:
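foreach($_POST as $key=>$value){
// vulnerable on purpose: the field name ($key) goes into the SQL text as-is
// (double quotes so PHP actually interpolates $key and $value)
mysql_query("insert into table set $key=$value");
}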
that means the thing they're likely cleaning, $value, isn't where you go in, but you can just change the name attribute of the form element to inject instead

example
HTML:
<input type="checkbox" name="subscribe">

<!--inspect element here, edit as html-->
<input type="checkbox" name="subscribe">

<!--try this -->
<input type="checkbox" name='description="your text without any sanitation here", subscribe=1'>

<!-- depending on whether the coder was using single quotes or double quotes you may have to change out the attribute quotes with single quotes/doublequotes so you can use the other quotes within the data you're injecting -->
don't do anything, it's illegal probably


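A hardened form of the insert-every-POST-field handler described in the post, as an added example that is not part of the original post: field names are matched against an allowlist before they reach the SQL text, and values are bound as parameters. The `signups` table, its columns, the helper names and the sample request are assumptions made for illustration, and the demo assumes the `pdo_sqlite` extension is available.

```php
<?php
declare(strict_types=1);
// Added example, not from the post. Table "signups" and its columns are hypothetical.

// The only columns the form may write, each with its own validator.
const ALLOWED_FIELDS = ['email' => 'clean_email', 'subscribe' => 'clean_checkbox'];

function clean_email(string $v): ?string {
    $ok = filter_var($v, FILTER_VALIDATE_EMAIL);
    return $ok === false ? null : $ok;
}

function clean_checkbox(string $v): ?int {
    return in_array($v, ['on', '1'], true) ? 1 : null;
}

// Inserts the allowlisted fields and returns the keys that were refused.
function save_form(PDO $db, array $post): array {
    $cols = $params = $rejected = [];
    foreach ($post as $key => $value) {
        // The key is as client-controlled as the value: it only reaches the
        // SQL text if it exactly matches an allowlisted column name.
        if (!is_string($key) || !array_key_exists($key, ALLOWED_FIELDS) || !is_string($value)) {
            $rejected[] = (string) $key;
            continue;
        }
        $validator = ALLOWED_FIELDS[$key];
        $clean = $validator($value);
        if ($clean === null) {
            $rejected[] = $key;
            continue;
        }
        $cols[] = $key;
        $params[":$key"] = $clean;   // values travel as bound parameters
    }
    if ($cols !== []) {
        $sql = 'INSERT INTO signups (' . implode(', ', $cols) . ') VALUES (:' . implode(', :', $cols) . ')';
        $db->prepare($sql)->execute($params);
    }
    return $rejected;
}

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE signups (email TEXT, subscribe INTEGER, description TEXT)');
// Constructed request: the second key is the edited name attribute from the post.
$post = ['email' => 'a@example.com',
         'description="your text without any sanitation here", subscribe=1' => 'on'];
print_r(save_form($db, $post));   // keys refused by the allowlist
print_r($db->query('SELECT * FROM signups')->fetchAll(PDO::FETCH_ASSOC));
```

Logging the refused keys server-side also gives a cheap signal that someone is editing form markup, since a normal browser never submits a field name the page did not render.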