Hi Folks, This is the third part of A brief on Abusing Invitation Systems blog post, In case you have missed the previous parts of this story of write-ups, it is advised to have a sneak peak at the First & Second part before you go on with this post. So before we kick off to our case study let’s get a brief about some technical terms first, I am Ali Kabeel an Application Security Intern at Seekurity and let’s dive in…
I am Ali Kabeel an Application Security Intern at Seekurity team. This is Second part of A brief on Abusing Invitation Systems blog post . In this blog post I will be mainly focusing on how I was able “by following the tips and tricks in the previous blog post” to bypass Facebook fixes for 4 consecutive years.In case you are not familiar with concepts, take a sneak peak on the previous blog before continuing with this one ;).
Hi Guys, Today i would like to show you how a single misconfiguration issue would jeopardize the user’s privacy if maliciously exploited hence hijack user “access_token” from Microsoft Office360 facebook App. Microsoft decided that this Office365 facebook app is NOT under their Microsoft Online Services bug bounty scope although we proved that our discovered bug can result in stealing Microsoft Office facebook App Access Token and that’s due to a misconfiguration in Microsoft Office Facebook App itself.
Hi Guys, How are you doing? Well i’ll consider and hope the answer is “Fine”… Today i will show you a bug i found in Facebook without even using any kind of testing tools BUT those kind of bugs requires what’s more than tools, it requires a hawk-eye, A platform-aware bug hunter mentality, a poet and an awesome morning cup of coffee, So don’t expect to gain technical skills from this blog post, only some pro tips and hunting mentality experience!
This is merely the second time i’m sending a report to Facebook Security Team without writing a piece of code!
Hi Folks, Long time no see, it’s Seif Elsallamy, Remember me ? if not 🙁 you may go through my previous blogs Stored XSS in the heart of the Russian email provider giant (Mail.ru) , Rolling around and Bypassing Facebook’s Linkshim protection on iOS
Today I’m gonna show you a race condition bug which i recently fall in love with those kind of vulnerabilities especially in when it comes to Facebook also i want to mention that this bug is super simple to understand It’s not complicated, the only complicated part is how to test and finding it.
Supp!, How are you guys! I hope you’re fine, I’m Seif Elsallamy (again) if you don’t remember me read my previous blog here: Stored XSS in the heart of the Russian email provider giant (Mail.ru)
Before we go in depth, lets know What is Linkshim ?
Hey There, How you doing?
In this blog post I will be talking about my experience with minor bugs chained together to steal sensitive tokens.
#1. Stealing CSRF tokens through Google Analytics.
While randomly testing things on apps.shopify.com, I landed at some random app page and hit the Write a review button, I wasn’t logged in so I was redirected to the login page and after logging in I was redirected to the application page again. Ok, that’s normal. However, what wasn’t normal is that the URL I got redirected to contained this GET parameter
Testing different sub-domains is a common procedure in bug hunting , while searching the domain “mbasic.facebook.com” I noticed this link
Facebook is the largest social network ever known on the internet, People are using Facebook for contacting friends, Family and sometimes for Work!
When it comes to Work that means an important notifications from your company’s page, work account, work admins, business accounts, etc…
Hi Bug Hunters,
Today we will explain how we redressed facebook ui and made it so easy to fool a victim to for example, Add the attacker as a member in one of his own secret groups on facebook.
Here’s some details about the issue: