I had discovered a vulnerable in Facebook :
-----------| Threat Level : Between medium and high
-------| Tested on : Windows 8 using Google chrome
---| The vuln is already reported but not closed yet
------------------| Description :
Hi I'm Hamza Belkhiat from Morocco , it was like a 3 weeks when i report it with full report including photos but someone in security team answer me and he told me that he had confused about it , i have answer him and i gave him an explanation's video
on YouTube and they don't answer me since there first khalil who found the wall vulnerable and now me ...etc
let's back to our subject :
the vulnerable is when you want to add mobile to your account to verify it , or you can add a new number to Facebook without any verification code , but with this vulnerable you can add any mobile number , what ever you want ( a valid or not valid number ) with just some codes you can add it without any difficulty.
Anyways this vulnerable is a big chance for spammers to verify their account and spam everybody that they want , because Facebook has a security Technique , any new account should be verify or it will be limited you can see that if you have create a new account but with this vulnerable , You could verify your account even it's new one , and Facebook could not close it.
----------------------| This is a video show you the prove : ( but not show you how to do it )
-----------| Threat Level : Between medium and high
-------| Tested on : Windows 8 using Google chrome
---| The vuln is already reported but not closed yet
------------------| Description :
Hi I'm Hamza Belkhiat from Morocco , it was like a 3 weeks when i report it with full report including photos but someone in security team answer me and he told me that he had confused about it , i have answer him and i gave him an explanation's video
on YouTube and they don't answer me since there first khalil who found the wall vulnerable and now me ...etc
the vulnerable is when you want to add mobile to your account to verify it , or you can add a new number to Facebook without any verification code , but with this vulnerable you can add any mobile number , what ever you want ( a valid or not valid number ) with just some codes you can add it without any difficulty.
Anyways this vulnerable is a big chance for spammers to verify their account and spam everybody that they want , because Facebook has a security Technique , any new account should be verify or it will be limited you can see that if you have create a new account but with this vulnerable , You could verify your account even it's new one , and Facebook could not close it.
----------------------| This is a video show you the prove : ( but not show you how to do it )
No comments:
Post a Comment