How I Hacked Facebook OAuth To Get Full Permission On Any Facebook Account ...

This flaw allowed me to take full control over any Facebook account. By exploiting this flaw I could steal unique access tokens that provide me full control over any Facebook account. Just to clarify, there is no need for any installed apps on the victim's account. Even if the victim never allowed any application in his Facebook account, I could still be getting full permissions (this bug works on any browser). To make this exploit work, the victim only needs to visit a webpage. So OAuth is used by Facebook to communicate between applications and Facebook users. Usually users must allow/accept the application request to access their account

What the influencers are saying

  1. Jeremiah Grossman

    85.0 days ago

    "How I Hacked Facebook OAuth To Get Full Perms On Any Facebook Acct (w/o App "Allow")" http://t.co/FhkoR5dXPu < nice @Nirgoldshlager!

  2. Ryan Dewhurst

    85.0 days ago

    RT @antisnatchor: “@randomdross: Impressive work by @Nirgoldshlager: http://t.co/dzxas2JhVw” < fucking hell, nice one :D

  3. briankrebs

    85.0 days ago

    Interesting read about how one hacker found a pretty serious OAuth bug on Facebook that apparently was just fixed http://t.co/2jHQS6OWw8

  4. Steve Werby

    85.0 days ago

    How I Hacked Facebook OAuth To Get Full Permission On Any Facebook Account http://t.co/aUheYNEHjw

  5. James Lyne 0x410x410

    85.0 days ago

    RT @jeremiahg: "How I Hacked Facebook OAuth To Get Full Perms On Any Facebook Acct (w/o App "Allow")" http://t.co/FhkoR5dXPu < nice @ ...

  6. Fausto Cepeda

    85.0 days ago

    "How I Hacked Facebook OAuth To Get Full Permission On Any Facebook Account" http://t.co/y9qqd4cSOk

  7. grecs

    85.0 days ago

    RT @mubix: #SharedLinks How I Hacked Facebook OAuth (corrected link) http://t.co/0uYjHbX0Wk #reddit #netsec


