Growth Hacking 4

Hacking a Facebook account is one of the major queries of Internet users today. It's hard to find out how to hack a Facebook account, but an Indian hacker just did it.



A security researcher discovered a "simple vulnerability" in the social network that allowed him to easily hack into any Facebook account, view message conversations, post anything, view payment card details and do whatever the real account holder can.
Facebook bounty hunter Anand Prakash from India recently discovered a Password Reset Vulnerability, a simple yet critical vulnerability that could have given an attacker endless opportunities to brute force a 6-digit code and reset any account's password.
The vulnerability actually resides in the way Facebook's beta domains handle "Forgot Password" requests.


Facebook lets users change their account password through the Password Reset procedure by confirming their Facebook account with a 6-digit code received via e-mail or text message.
To verify that the user is genuine, Facebook allows the account holder to try up to a dozen codes before the account confirmation code is blocked by the brute force protection that limits a large number of attempts.
However, Prakash discovered that the social media giant had not implemented rate-limiting in its password reset process on the beta sites, beta.facebook.com and mbasic.beta.facebook.com, according to a blog post published by Prakash.



Prakash tried to brute force the 6-digit code on the Facebook beta pages in the "Forgot Password" window and discovered that there is no limit set by Facebook on the number of attempts for beta pages.

Prakash has also provided a proof-of-concept (POC) video demonstration that shows the attack at work. You can watch the video given below that will walk you through the entire procedure:
Share on FacebookShare on TwitterShare on LinkedinShare on RedditShare on tin tặc NewsShare on EmailShare on WhatsApp
*