Date: Thu, 11 Jul 2013 21:43:37 +0530
From: vinesh redkar <vineshredkar89@...il.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Fwd: Facebook Restricted Open redirection issue as attacker must be friend of victim

Hi, I have submitted this issue but it did not get accepted by Facebook because of
the limited nature of this exploitation,
as for a successful attack the victim must be a friend. I submitted this
issue on 22 May. Below is the mail trail for the same :'(  there is also a
download link for a demonstration of this attack.

---------- Forwarded message ----------
From: vinesh redkar <vineshredkar89@...il.com>
Date: Fri, May 24, 2013 at 6:03 PM
Subject: Re: Report a Possible Security Vulnerability
To: Facebook Security <whitehat+5avyv5a.aeaz7x2bcvjp6@...port.facebook.com>


Hi Team,

Please find attached video for attack demonstration.
http://www.mediafire.com/download/mll5mhreyj448jb/facebook_attack.wmv
Password to download file : vinesh

I have just shortened the URL.
The URL below only works when the victim is a friend of the attacker (here in this case it was
me, Vinesh Redkar).
If you want to check this issue just send me a request and then try it (it
will work for you).
No confirmation will be asked before sending it to the other site :)

http://m.facebook.com/l.php?u=http://www.avsecurity.in?&h=MAQEydEHG&s=1
http://www.facebook.com/l.php?u=http://www.avsecurity.in?&h=MAQEydEHG&s=1
(Note: Don't change the h parameter, but you can change the u parameter to any
website.)


On Fri, May 24, 2013 at 2:44 AM, Facebook Security <
whitehat+5avyv5a.aeaz7x2bcvjp6@...port.facebook.com> wrote:

> Hi,
>
> Sorry, but this is expected behavior and not eligible under our bounty
> program. This endpoint contains a specialized parameter that limits its
> usage to a small number of computers and users, preventing it from being
> used as a completely open redirect. For more detailed background
> information, please see this note by one of the engineers on the product:
> http://www.facebook.com/notes/facebook-security/link-shim-protecting-the-people-who-use-facebook-from-malicious-urls/10150492832835766
>
> Thanks! Please let us know if you have any further questions.
>
> Rory
> Security
> Facebook
>
> -----Original Message to Facebook-----
> From: vinesh redkar (vineshredkar89@...il.com)
> To: The Facebook Team
> Subject: Re: Report a Possible Security Vulnerability
>
> Hey Team,
>
> Any Update on my Facebook Open Redirection Issue ?
>
>
>
> On Mon, May 20, 2013 at 6:32 PM, Facebook Security <
> whitehat+5avyv5a.aeaz7x2bcu@...port.facebook.com> wrote:
>
> > Hi,
> >
> > Thank you for your report. If you are reporting a security bug, we will
> > respond to your report as soon as possible. Your report number is
> > 159514675. Otherwise, please continue reading for assistance.
> >
> > If your account or a friend's account is sending out suspicious links,
> > please refer to the "Take Action" section on the following page for ways to
> > properly report this activity:
> > http://www.facebook.com/help/456801467677596/
> >
> > To report abuse, please use the proper "Report" link that appears next to
> > many pieces of content on the site. You may also report another user by
> > using the "Report/Block" link that appears at the bottom of a user's
> > profile page. If this does not resolve the issue, we suggest that you block
> > the person by listing his or her name in the "Blocking People" box that
> > appears at the bottom of the Privacy page.
> >
> > For solutions to technical issues, answers to common questions, and
> > feedback from other Facebook users, please visit our Help Center here:
> > https://www.facebook.com/help/
> >
> > Thanks for contacting Facebook,
> >
> > The Facebook Team
> >
> >
> -----End Original Message to Facebook-----
>
>

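As an added illustration of the point in Facebook's reply (the h token scoping who can use the redirect) and of the report's observation that u could be changed while h stayed fixed, here is a constructed Python link-shim verifier; it is not Facebook's code, and the token construction, secret and hostnames are assumptions. It contrasts a token bound only to the user (any destination verifies for that user, so a friend-restricted link still redirects anywhere) with one bound to the destination URL as well.

```python
import hmac
import hashlib
from urllib.parse import urlsplit, parse_qs, urlencode

# Constructed server-side secret for this illustration only.
SECRET = b"constructed-link-shim-secret"

def make_token(user_id: str, dest: str) -> str:
    """Token bound to the viewing user AND the exact destination URL."""
    msg = user_id.encode() + b"\n" + dest.encode()
    return hmac.new(SECRET, msg, hashlib.sha256).hexdigest()[:16]

def make_user_only_token(user_id: str) -> str:
    """Token bound to the user only; the destination is not covered."""
    return hmac.new(SECRET, user_id.encode(), hashlib.sha256).hexdigest()[:16]

def shim_url(dest: str, h: str) -> str:
    """Build a shim link of the l.php?u=...&h=... shape (hostname constructed)."""
    return "https://shim.example/l.php?" + urlencode({"u": dest, "h": h, "s": "1"})

def redirect_allowed(user_id: str, url: str, bind_dest: bool = True) -> bool:
    """Server-side check: h must verify for this user (and, if bound, this destination)."""
    q = parse_qs(urlsplit(url).query)
    dest, h = q.get("u", [""])[0], q.get("h", [""])[0]
    if not dest or not h:
        return False
    expected = make_token(user_id, dest) if bind_dest else make_user_only_token(user_id)
    return hmac.compare_digest(expected, h)

def demo() -> dict:
    """Compare the two token designs when the u parameter is swapped after issuance."""
    legit = "https://example.com/article"         # constructed original destination
    other = "https://example.org/somewhere-else"  # constructed substituted destination
    strong = make_token("friend-1", legit)
    weak = make_user_only_token("friend-1")
    return {
        "bound_original_ok": redirect_allowed("friend-1", shim_url(legit, strong)),
        "bound_swapped_u_blocked": not redirect_allowed("friend-1", shim_url(other, strong)),
        "bound_other_user_blocked": not redirect_allowed("stranger", shim_url(legit, strong)),
        "user_only_swapped_u_passes": redirect_allowed("friend-1", shim_url(other, weak), bind_dest=False),
        "user_only_other_user_blocked": not redirect_allowed("stranger", shim_url(other, weak), bind_dest=False),
    }

if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name}: {outcome}")
```

The user-only design reproduces the reported behaviour (friends can rewrite u and keep h); binding the token to the destination as well closes that gap.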

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/