- Bug in Facebook "Report This Post" (0day)
- Still unpatched
- The questions in the report flow, such as
- WHAT KIND OF SPAM?
- WHY DON'T YOU WANT TO SEE THIS PHOTO?
- can be bypassed by adding &answer to the URL and submitting the form to Facebook.
- If we add &answer=fake to the step that asks WHAT KIND OF SPAM?, the server responds with the next step. By repeating the same trick at each step I could bypass all the steps in Report This Post!
- Link >>
- https://mbasic.facebook.com/nfx/basic/question/?context_str=%7B"initial_action_name"%3A"RESOLVE_PROBLEM"%2C"breadcrumbs"%3A%5B%5D%2C"story_location"%3A"photo_viewer"%2C"tracking"%3A"qid.6200379944259182852%3Amf_story_key.575600125913510734%3AeligibleForSeeFirstBumping."%2C"confirm_actions"%3Afalse%2C"is_from_feed_tombstone"%3Afalse%2C"actions_taken"%3A""%2C"reportable_ent_token"%3A"873762106026163"%2C"is_impostor"%3A""%7D&redirect_uri=https%3A%2F%2Fmbasic.facebook.com%2Fphoto.php%3Ffbid%3D873762106026163%26id%3D100001771465029%26set%3Da.289937457741967.65411.100001771465029%26refid%3D7%26_ft_%3Dqid.6200379944259182852%253Amf_story_key.575600125913510734%253AeligibleForSeeFirstBumping.%26__tn__%3DE&av=100007138141943&answer=offensive
- PoC (Proof of Concept):
- Steps reproduced in video >> https://youtu.be/Xh2ABBoVtd8
- Severe effects caused by the bug:
- Subverts the Report This Post flow!
- Clearly shows that the form posted in Report This Post malfunctions (any answer value is accepted)!
- By repeating the same method, an attacker could write a program that reports arbitrary posts just by changing the post IDs in the URL!!
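The following is an added illustration of the bug described above, not code from the original post or from Facebook. It does two things: it parses the report URL quoted in the post (decoding its context_str JSON and rewriting the `answer` parameter the way the post does), and it models the question flow as a small server-side state machine, once in the form the post reports (any answer value advances to the next step) and once hardened so that an answer must be one of the options actually offered at the current step. The step table, the option names (spam, offensive, scam, ...) and all function names are assumptions; only the question titles, the `answer` parameter and the URL itself come from the post.

```python
"""Added model of the 'Report This Post' question flow and the &answer= bypass.

Not Facebook's code. STEPS, the option values and the handler functions are
assumptions; the question titles, the `answer` parameter and REPORT_URL are
taken from the post.
"""
import json
from urllib.parse import parse_qs, urlencode, urlsplit, urlunsplit

# The exact link from the post. Note the same post ID (873762106026163) appears
# both as context_str.reportable_ent_token and as the fbid in redirect_uri.
REPORT_URL = (
    'https://mbasic.facebook.com/nfx/basic/question/'
    '?context_str=%7B"initial_action_name"%3A"RESOLVE_PROBLEM"%2C"breadcrumbs"%3A%5B%5D'
    '%2C"story_location"%3A"photo_viewer"'
    '%2C"tracking"%3A"qid.6200379944259182852%3Amf_story_key.575600125913510734%3AeligibleForSeeFirstBumping."'
    '%2C"confirm_actions"%3Afalse%2C"is_from_feed_tombstone"%3Afalse%2C"actions_taken"%3A""'
    '%2C"reportable_ent_token"%3A"873762106026163"%2C"is_impostor"%3A""%7D'
    '&redirect_uri=https%3A%2F%2Fmbasic.facebook.com%2Fphoto.php%3Ffbid%3D873762106026163'
    '%26id%3D100001771465029%26set%3Da.289937457741967.65411.100001771465029%26refid%3D7'
    '%26_ft_%3Dqid.6200379944259182852%253Amf_story_key.575600125913510734%253AeligibleForSeeFirstBumping.'
    '%26__tn__%3DE&av=100007138141943&answer=offensive'
)


def report_context(url):
    """Decode the context_str JSON blob carried in the report URL."""
    query = parse_qs(urlsplit(url).query, keep_blank_values=True)
    return json.loads(query["context_str"][0])


def get_answer(url):
    """Return the current `answer` query parameter (None if absent)."""
    query = parse_qs(urlsplit(url).query, keep_blank_values=True)
    return query.get("answer", [None])[0]


def set_answer(url, answer):
    """Rewrite the `answer` parameter (e.g. to 'fake'), keeping the rest intact."""
    parts = urlsplit(url)
    query = parse_qs(parts.query, keep_blank_values=True)
    query["answer"] = [answer]
    return urlunsplit(parts._replace(query=urlencode(query, doseq=True)))


# Assumed question flow: the titles are the ones quoted in the post, the option
# values are hypothetical stand-ins for the radio buttons each step offers.
STEPS = (
    ("WHY DON'T YOU WANT TO SEE THIS PHOTO?", frozenset({"spam", "offensive"})),
    ("WHAT KIND OF SPAM?", frozenset({"scam", "fake_account", "commercial"})),
)


def vulnerable_next_step(step, answer):
    """Behaviour the post describes: any non-empty answer advances the flow."""
    return step + 1 if answer else step


def hardened_next_step(step, answer):
    """Fix: the answer must be one of the options shown at the current step."""
    title, allowed = STEPS[step]
    if answer not in allowed:
        raise ValueError(f"{answer!r} is not an option for {title!r}")
    return step + 1


def run_flow(next_step, answers):
    """Submit answers in order; True if the report reaches the final step."""
    step = 0
    for answer in answers:
        step = next_step(step, answer)
        if step == len(STEPS):
            return True
    return False


def flow_accepts(next_step, answers):
    """True if the flow completes, False if it rejects an answer or is incomplete."""
    try:
        return run_flow(next_step, answers)
    except ValueError:
        return False


if __name__ == "__main__":
    print("target post:", report_context(REPORT_URL)["reportable_ent_token"])
    tampered = set_answer(REPORT_URL, "fake")
    print("answer after tampering:", get_answer(tampered))
    print("vulnerable flow accepts fake/fake:",
          flow_accepts(vulnerable_next_step, ["fake", "fake"]))
    print("hardened flow accepts fake/fake:",
          flow_accepts(hardened_next_step, ["fake", "fake"]))
    print("hardened flow accepts spam/scam:",
          flow_accepts(hardened_next_step, ["spam", "scam"]))
```

The model makes the root cause concrete: in the vulnerable handler the server only checks that some `answer` arrived, so the literal string `fake` carries the client through every step, which is exactly what the post reports. The hardened handler keeps the set of valid options per step on the server and rejects anything else, which is the check a multi-step form needs whenever the client controls the submitted value.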