Hacker, Researcher and Author.

Facebook URL Redirection Vulnerability


Friends, recently I found a "Redirection Vulnerability" inside Facebook; however, Facebook refused to accept it because, according to them, the vulnerability targets very few people. This is what they replied:

Hi Rafay,

This endpoint contains a specialized parameter that limits its usage to a small number of computers and users, preventing it from being used as a completely open redirect. For more detailed background information, please see this note by one of the engineers on the product: http://www.facebook.com/notes/facebook-security/link-shim-protecting-the-people-who-use-facebook-from-malicious-urls/10150492832835766

=================================================================
Facebook Open Redirect Vulnerability
=================================================================

Affected Application : Main Website
Severity             : Medium
Local/Remote         : Remote
Vulnerable URL       : http://facebook.com/l.php?u=http://rafayhackingarticles.net&sugexp=chrome,mod=9&sourceid=chrome&ie=UTF-8&h=AAQGmYELO

Vulnerable URL:
www.facebook.com/l.php?u=https://rafayhackingarticles.net&h=YAQH4kMuY&s=1

Discovered by: Rafay Baloch - [rafaybaloch(at)gmail(dot)com]

[Summary]

Because of a parameter filtering weakness, any value supplied in the u parameter is accepted, and the endpoint redirects the user to that value without any validation.

Note: This vulnerability works for only a few users; it will not work for everyone.

Update: If the URL mentioned above does not work, kindly try the following:
www.facebook.com/l.php?u=https://google.com&h=YAQH4kMuY&s=1
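The summary above and Facebook's reply describe the same design question from two sides: a redirector that hands the u parameter straight to the Location header is an open redirect, while one that insists on a token bound to the exact target URL (what Facebook's reply calls a "specialized parameter") only redirects to links the server itself generated. The example below is added here for illustration and is not Facebook's code; the token design (a truncated HMAC carried in h, minted by build_redirect_query and checked by hardened_redirect), the SECRET_KEY, the OWN_HOSTS set and the example.test / partner.test / attacker.test hosts are all constructed assumptions about how such a link shim can work, not a description of how l.php actually validates h.

```python
import base64
import hashlib
import hmac
from typing import Optional
from urllib.parse import parse_qs, urlencode, urlparse

# Constructed demo secret so the example runs offline. A real deployment keeps
# this server-side and rotates it.
SECRET_KEY = b"constructed-demo-secret-do-not-reuse"

# Assumed: the site's own hosts, which may be redirected to without a token.
OWN_HOSTS = {"www.example.test", "example.test"}


def make_token(url: str) -> str:
    """Short URL-safe HMAC-SHA256 tag binding one exact target URL to this
    server's key. Only code holding SECRET_KEY can mint a valid one."""
    mac = hmac.new(SECRET_KEY, url.encode("utf-8"), hashlib.sha256).digest()
    return base64.urlsafe_b64encode(mac[:12]).decode("ascii").rstrip("=")


def build_redirect_query(url: str) -> str:
    """What the server-side link-rewriting step emits for an outbound link:
    the target in u= plus its token in h=. Users never compute h themselves."""
    return urlencode({"u": url, "h": make_token(url)})


def _first(params: dict, name: str) -> Optional[str]:
    values = params.get(name)
    return values[0] if values else None


def vulnerable_redirect(query: str) -> Optional[str]:
    """The weakness described in the advisory: whatever arrives in u= becomes
    the redirect target, so any attacker-chosen URL is accepted."""
    params = parse_qs(query)
    return _first(params, "u")


def hardened_redirect(query: str) -> Optional[str]:
    """Redirect only when the target is an absolute http(s) URL AND either
    points at one of our own hosts or carries a token minted for exactly this
    URL. Returns None on any failure; the caller should then show a warning
    page or a 400 rather than redirect."""
    params = parse_qs(query)
    target = _first(params, "u")
    token = _first(params, "h")
    if target is None:
        return None
    parsed = urlparse(target)
    # Rejects javascript:, data:, and scheme-relative "//host" targets, all of
    # which lack an http/https scheme here.
    if parsed.scheme not in ("http", "https") or not parsed.hostname:
        return None
    # hostname (not netloc) is used so "https://example.test@attacker.test"
    # is seen as attacker.test, not as our own host.
    if parsed.hostname in OWN_HOSTS:
        return target
    if token is None:
        return None
    expected = make_token(target).encode("ascii")
    try:
        supplied = token.encode("ascii")
    except UnicodeEncodeError:
        return None
    # Constant-time comparison so the tag cannot be guessed byte by byte.
    if not hmac.compare_digest(expected, supplied):
        return None
    return target
```

The check a defender most wants from this design is that a token issued for one URL is worthless for any other: the advisory's update line reuses the same h value with a different u, and in hardened_redirect that combination fails because the HMAC is computed over the full target string. Whether the real h behaves that way is not established by this post; the example only shows what a properly bound token gives you.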

13 comments:

  1. How does this equate to Facebook being hacked?

  2. Finally you did it :') Proud of you, Bro.

    Regards
    M.Gazzaly
    (http://www.gazzaly.info)

  3. It's nothing harmful. Facebook asks: it's an external site, you can continue or not; it's up to you. They even show the URL you'll be visiting.

  4. It works for me. Cheers.

  5. This is very dangerous, but has since been corrected. Thanks for reporting.

    (Two are appearing on social networking sweepstakes blog posts.)

  6. Sir, what is the use of it?

  7. Thanks buddy. It works!!

  8. @ Anonymous 6: Suppose I have an infected website and want the victim to visit it to get his computer infected. I'll attach my infected website's URL behind the trusted website's URL and make the victim believe that it's a part of the trusted website.
    BINGO!! I'm done!!!

  9. I don't get your point; can you help explain it again, please?

  10. Hey, can you help me understand it? I don't get what you're saying.
    Send me the steps to my email ID, please.

  11. Please hack this account and send me the password. Augustine Nitcha... that is his name... Please help me get his password because I want to take revenge on him... Please help me ASAP...

    Send it to my Yahoo mail: angiliecabungcal@yahoo.com

  12. What is this for? I didn't understand.

© 2016 All Rights Reserved by RHA Info Sec.