Hi, I am Rafay Baloch, a security researcher, author and a public speaker.

Facebook URL Redirection Vulnerability


Friends, Recently I found a "Redirection Vulnerability" inside Facebook, However facebook refused to accept it as according to them the vulnerability targets very few people. This is what they replied:

Hi Rafay,

This endpoint contains a specialized parameter that limits its usage to a small number of computers and users, preventing it from being used as a completely open redirect. For more detailed background information, please see this note by one of the engineers on the product: http://www.facebook.com/notes/facebook-security/link-shim-protecting-the-people-who-use-facebook-from-malicious-urls/10150492832835766

=================================================================
Facebook Open Redirect Vulnerability
=================================================================

Affected Application   : Main Website
Severity     : Medium
Local/Remote    : Remote
Vulnerable url     : http://facebook.com/l.php?u=http://rafayhackingarticles.net&sugexp=chrome,mod=9
&sourceid=chrome&ie=UTF-8&h=AAQGmYELO

Vulnerable URL:
www.facebook.com/l.php?u=https://rafayhackingarticles.net&h=YAQH4kMuY&s=1

Discovered by: Rafay Baloch - [rafaybaloch(at)gmail(dot)com]

[Summary]

Due to a parameter filtering weakness any supplied input is accepted; as result redirects a user to the parameter value without any validation.

Note: This vulnerability works for only few users, It won't work for every one.

Upadate: If the URL mentioned above does not work, kindly try the following:
www.facebook.com/l.php?u=https://google.com&h=YAQH4kMuY&s=1

No comments:

© 2016 All Rights Reserved by RHA Info Sec. Top

Contact Form

Name

Email *

Message *

Powered by Blogger.