Wednesday, February 3, 2016

Facebook Write-Up (2016)



Hi Readers!!! Many of you asked me for a write-up of the vulnerability which I found in facebook.com.

So today I'm gonna share my write-up with you all.

Bug Type - Insecure Configuration Management
Status - Patched
Link - apps.facebook.com
Severity - Critical (A5 rated by OWASP)

So first of all, how did I find it...

20th Dec 2015 was the greatest day for me. I was just surfing Facebook, as I normally do when I get bored. Actually I was playing games on Facebook.

Then I looked at the post on Facebook about every one of my friends getting HOFs and bounties from different sites. Then I decided, let's try on Facebook, I might get something...

Then I used the "tracert" command in the Windows command prompt to trace how my packets were travelling through the network. I got up to 13-14 results, and then I started nmap to scan all the IP addresses. Literally, approximately the first 10-12 IPs were useless, as they are not used by Facebook...

After wasting too much time on scanning, I decided to quit. But then I decided, let's open 8 terminals in Kali Linux and start scanning all the domains at the same time. And I started watching Black Hat videos, and there I got a video on the Insecure Configuration Management issue. I thought, let's check for this vulnerability.

And there I got three IP addresses of Facebook after waiting for 30-40 minutes...

There I got one IP address. I scanned and researched that IP address and found that there was an open port, 8010, with an XMPP server running on it.

Then I used telnet to find the server version it was running. But they were running the newest version. Then what to do? I lost all my hope.

Then I searched on Google whether there is any known exploit for this version, but I got nothing. There I got an NSE brute-force script which I could use to get into the XMPP server.

After waiting about 2-3 hours, I got into the XMPP server...

I reported this vulnerability to Facebook. I could only get into the XMPP server, not into the whole server. They rewarded me $5000 for this.

Here is the screenshot.



Then I was like, wow, I found a vulnerability on facebook.com

Thank you Facebook...

Thank you guys!!!
