Meta has fixed a series of bugs that could have allowed a malicious actor to take over a user’s Facebook account, and paid the researcher who found them a bounty of $44,625.
Security researcher Youssef Sammouda was able to hijack the accounts of Facebook users who had registered with a Gmail address and used a Google OAuth id_token/code to log in to the site.
He tells The Daily Swig that the same technique could have been used against any other account: “Due to the complexity of creating such an exploit to do just that, I presented the exploit for the case that resulted in the takeover of Facebook accounts that authenticated with Google,” he says.
The exploit chained several vulnerabilities: a logout CSRF bug that allowed an attacker to force the victim’s browser to log out of their Facebook account, and a login CSRF bug that allowed the attacker to log the victim’s browser into an attacker-controlled Facebook account.
Meanwhile, a vulnerability in Facebook’s Checkpoint tool allowed any URL visited on facebook.com to leak to the Sandbox domain; and finally, an XSS vulnerability on the Sandbox domain allowed the attacker to execute JavaScript in the context of that domain.
Chaining these together allowed Sammouda to take over accounts.
“We logged the user out of their Facebook account and logged them into the attacker’s Facebook account,” he explained.
“At this point, the attacker’s Facebook account is locked in the Checkpoint tool; we redirect to Google OAuth, which redirects us to facebook.com with a special token and code.
The researcher added: “facebook.com leaks the token and code to the Sandbox domain, and finally we exploit the XSS bug to steal the token and code from the Sandbox domain.”
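The two CSRF bugs are the links in this chain that a defender can break most cheaply. The following is an added example, not code from the article or from Meta, showing the standard mitigations in plain Python: the OAuth `state` parameter is generated per browser session, compared in constant time and consumed on first use, so a callback URL crafted by an attacker (carrying the attacker’s own authorization code) cannot log the victim’s browser into the attacker’s account; and logout is honoured only on a POST request carrying a session-bound CSRF token. The `Session` class, the endpoint URLs and the code-to-user lookup table are constructed stand-ins, not any real provider’s API.

```python
import hmac
import secrets
from urllib.parse import parse_qs, urlencode, urlparse

# Constructed stand-in for exchanging an authorization code at the identity
# provider; a real implementation would call the provider's token endpoint.
FAKE_GOOGLE_CODES = {
    "code-for-victim": "victim@example.com",
    "code-for-attacker": "attacker@example.com",
}


def lookup_code(code):
    """Return the identity a code resolves to, or None if it is unknown."""
    return FAKE_GOOGLE_CODES.get(code)


class Session:
    """Minimal server-side session bound to one browser (hypothetical)."""

    def __init__(self):
        self.user = None
        self.oauth_state = None
        self.csrf_token = secrets.token_urlsafe(32)


def begin_google_login(session):
    """Mint a fresh, unguessable state for this session and build the redirect."""
    session.oauth_state = secrets.token_urlsafe(32)
    params = {
        "client_id": "example-client-id",          # placeholder
        "redirect_uri": "https://app.example/cb",   # placeholder
        "response_type": "code",
        "scope": "openid email",
        "state": session.oauth_state,
    }
    return "https://accounts.google.com/o/oauth2/v2/auth?" + urlencode(params)


def handle_google_callback(session, callback_url, exchange_code=lookup_code):
    """Accept the provider callback only if state matches the session's own."""
    params = parse_qs(urlparse(callback_url).query)
    state = params.get("state", [None])[0]
    code = params.get("code", [None])[0]

    expected = session.oauth_state
    session.oauth_state = None  # single use: a replayed callback is refused

    if expected is None or state is None:
        return {"ok": False, "reason": "no pending login for this session"}
    # Constant-time comparison on bytes; str inputs could be non-ASCII.
    if not hmac.compare_digest(expected.encode(), state.encode()):
        return {"ok": False, "reason": "state mismatch: possible login CSRF"}
    if code is None:
        return {"ok": False, "reason": "missing authorization code"}

    user = exchange_code(code)
    if user is None:
        return {"ok": False, "reason": "code rejected by provider"}
    session.user = user
    return {"ok": True, "user": user}


def handle_logout(session, method, form_token):
    """Log out only on POST with the session's CSRF token; GET links cannot."""
    if method != "POST" or form_token is None:
        return False
    if not hmac.compare_digest(session.csrf_token.encode(), form_token.encode()):
        return False
    session.user = None
    return True


if __name__ == "__main__":
    s = Session()
    url = begin_google_login(s)
    state = parse_qs(urlparse(url).query)["state"][0]
    print(handle_google_callback(s, f"https://app.example/cb?code=code-for-victim&state={state}"))
    # An attacker-crafted callback carries the attacker's code but cannot know the state.
    print(handle_google_callback(s, "https://app.example/cb?code=code-for-attacker&state=guess"))
```

Note that the `state` check defeats the login CSRF step regardless of which account the attacker’s code belongs to, and the single-use consumption means the same callback cannot be replayed after a successful login.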
Sammouda says the disclosure process was efficient and straightforward: he reported the bugs to Meta on February 16 and the company fixed the issues on March 21. He received his bounty on May 14.
This is not Sammouda’s first sizeable bounty; he has already reported a dozen Facebook bugs that earned payouts.
Last year, for example, he earned $126,000 for finding a set of three flaws in Facebook’s Canvas technology, and follow-up work earned him a further $98,000 this year.
This latest payout, he says, “reflects the severity of the bug and how much Meta cares about the security of users’ accounts.”
We’ve invited Facebook to comment and will update if we hear more.
Full technical details are available in Sammouda’s latest blog post.