Share Anything You Know Bro
 
IndeksFAQPencarianAnggotaPendaftaranLogin

Share | 
 

 Vulnerability in Facebook Email feature Exposed

Go down 
PengirimMessage
Admin
Admin


Jumlah posting : 229
Points : 672
Join date : 02.04.11

PostSubyek: Vulnerability in Facebook Email feature Exposed   Thu Apr 07, 2011 8:59 pm

[You must be registered and logged in to see this image.]

This time Facebook username feature is Vulnerable. After Facebook applications, now Facebook username feature can be used to do on Facebook profiles. Not only spam’s but this bug can be used to post illegitimate messages to Facebook users from their friends or either from unknown people without the consent of sender

Total Exposure : Knowledge of Facebook id and associated registered email address are the key elements to launch the exploit i.e., to postage of factitious messages on behalf of target user. Other than posting messages, spams are equally potential through this vulnerability.

Scenario:
To effectively launch the attack the minimum scenario consist on the following :

Target username of Facebook user1 (xxxx@facebook.com) and an email id of another Facebook user2 (any email,that used to register the facebook account).
To launch the attack an attacker can post fictitious private messages on behalf of target user2 to the target user1 via fake emails using a php script or online free fake mail services.


Notice : We have already submit this bug to Facebook authorities, Hope they will fix it soon
Founded by: Waqas Jamal & Rana Faisal Munir
Kembali Ke Atas Go down
Lihat profil user http://liveshare.forumid.net
 
Vulnerability in Facebook Email feature Exposed
Kembali Ke Atas 
Halaman 1 dari 1
 Similar topics
-
» Update Status Facebook via Blueberry, Telepon Umum, Wartel, Kantor Pos, HP Pinjaman, Warnet, Hati
» Thread pendaftaran alamat email
» [ASK] Email Resmi PT. Kawasaki Motor Indonesia
» [PRE ORDER] Kaos conan + Sherlock
» Tukeran No HP yuk...

Permissions in this forum:Anda tidak dapat menjawab topik
LIVE SHARE :: Computer Security :: News-
Navigasi: