Secret portal hookup community friendship dating social network
” or “If you had one last day in your life, what would you do? If they did reply, you wouldn’t know what they replied or be able to send a personal message unless if you pay.
This dating website charges more than £50 per month to be able to see photos and to message people.
Client Message Wrapper["message"])Hmm, interesting. I opened the list to send more messages and I inspected the HTML and it turns out that that message has the ID 62. The reverse engineering I just did is 99% done on Chrome without the need of any other tools.
I thought, first thing I can do is to see the network traffic coming in and out of the app. So I installed a proxy on my Mac, Charles, and ran the i Phone’s Wi Fi through that proxy. But wait, did they just send the girl’s full profile over non-secure HTTP?Last piece of the puzzle is to know how to talk to anyone on this website, rather than just to that person. It is a high-walled castle with an open gate and no guards inside it.There does not seem to be any identifier to the person I am chatting with except in the message websocket frame. Your membership could easily be replaced by a Chrome extension that replaces URLs for photos, replaces HTML of the inbox to match what you get in the requests, and send out messages using your websocket.Looping over the messages trying to understand the XML being sent (who the hell uses XML these days for websocket communication? I decided to try to set the message key to the value “Hey there! Can not instantiate value of type [simple type, class api.message. '); no single-String constructor/factory method at [Source: org.glassfish.jersey.message.internal. I am sending the pre-defined message ID, so the ID must exist somewhere.
Reader Interceptor Executor$Un Closeable Input [email protected]; line: 1, column: 2] (through reference chain: api.message. Let’s have a look at the list of pre-defined messages.Hmm…There is a list of blurry photos, but I couldn’t get access to the non-blurred photos easily. All important requests seem to be happening on SSL.