Hacker says security flaw let him access any Facebook profile (opens in new tab)

(news.cnet.com)

26 pointsshirkey13y ago5 comments

5 comments

5 comments · 2 top-level

sktrdie13y ago· 2 in thread

No proof of the exploit?

delroth13y ago

Facebook acknowledged it and the researcher who found the vulnerability got a bounty from FB.

xyzzy12313y ago

You might be interested in Nir's discussion of the bug: http://www.nirgoldshlager.com/2013/02/how-i-hacked-facebook-...

judofyr13y ago· 1 in thread

Facebook's OAuth2 implementation is so broken. Homakov found a X-XSS-Protection-related issue: http://homakov.blogspot.no/2013/02/hacking-facebook-with-oau....

After reading Homakov's and Nir's discussions I started looking for some bugs myself. And guess what? ~10 hours later I found another access_token-stealing exploit that has the same implications as Nir's exploit (although mine doesn't work in all browsers). Reported it 2 days ago.

Wouldn't surprise me if there's more bugs/exploits to be discovered :(

itsnotvalid13y ago

And since Homakov gave quite a detailed description of the class of bugs, it would be quite dangerous to use a browser with an active session to facebook now.

j / k navigate · click thread line to collapse