Facebook flaw allows hackers to delete any photo

A security flaw that allowed hackers to delete any image stored on Facebook has been discovered by Indian researcher Arul Kumar — and he has been rewarded for his efforts.

The Facebook flaw, explained at length on Kumar’s blog, exploits the Facebook Support Dashboard. Rated “critical,” the bug works with any browser and any version, but was most reliably exploited through mobile devices.

The Facebook Support Dashboard is used to send Photo Removal requests to the firm. Reports are reviewed by Facebook employees, or can instead be sent directly to the image’s owner. A link is then generated to remove the photo — which, if clicked by the owner, removes the offending image.

However, while the message is being sent, two request parameters — Photo_id and the owner’s Profile_id — are not validated server-side. If they are modified, the attacker can have the removal link for any photo delivered to their own inbox, without the owner’s interaction or knowledge.

Every photo has an “fbid” value, which can be read from its Facebook URL. Once the image ID has been obtained, two Facebook user accounts — one acting as a “sender” and one as a “receiver” — can be used to receive a ‘remove photo link’.

Owner profile IDs can be found by using Facebook Graph.
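The root cause described above is a classic insecure direct object reference: the server accepts a client-supplied owner Profile_id and delivers the removal link wherever the request says, and the link itself is not bound to the person who clicks it. The following toy model, added here as an illustration and not Facebook's code or anything from Kumar's write-up, shows the trusting flow beside a hardened one in which the owner is derived from the photo record, a mismatch is refused and logged, and the removal token is an HMAC over (photo, owner) that only the real owner can redeem. All names, ids, inboxes and the signing key are constructed for the example.

```python
import hashlib
import hmac
import secrets


class PhotoService:
    """Constructed model of photo storage plus a support-dashboard report flow."""

    def __init__(self):
        # Constructed sample data: photo id -> owning profile id
        self.photos = {"1001": "alice", "1002": "bob"}
        # Constructed inboxes: profile id -> delivered removal messages
        self.inbox = {"alice": [], "bob": [], "mallory": []}
        self.audit = []                        # security events worth alerting on
        self._key = secrets.token_bytes(32)    # server-side secret (constructed)
        self._links = {}                       # vulnerable path: token -> photo id

    # --- vulnerable flow: the behaviour the article describes ---
    def report_vulnerable(self, reporter, photo_id, owner_id):
        """Trusts the client-supplied owner id and delivers the link there."""
        if photo_id not in self.photos or owner_id not in self.inbox:
            return None
        token = secrets.token_hex(16)
        self._links[token] = photo_id
        self.inbox[owner_id].append({"photo_id": photo_id, "token": token})
        return token

    def remove_vulnerable(self, token):
        """Whoever holds the link can delete; nothing checks that they own the photo."""
        photo_id = self._links.pop(token, None)
        if photo_id is None or photo_id not in self.photos:
            return False
        del self.photos[photo_id]
        return True

    # --- hardened flow ---
    def _token(self, photo_id, owner_id):
        # Bind the token to both the photo and its real owner so it cannot be
        # redirected to, or redeemed by, anyone else.
        msg = f"{photo_id}:{owner_id}".encode()
        return hmac.new(self._key, msg, hashlib.sha256).hexdigest()

    def report_hardened(self, reporter, photo_id, owner_id=None):
        """Derives the owner from the photo record; a client-supplied owner that
        disagrees is treated as tampering, refused and written to the audit log."""
        real_owner = self.photos.get(photo_id)
        if real_owner is None:
            return None
        if owner_id is not None and owner_id != real_owner:
            self.audit.append(("owner_mismatch", reporter, photo_id, owner_id))
            return None
        token = self._token(photo_id, real_owner)
        self.inbox[real_owner].append({"photo_id": photo_id, "token": token})
        return token

    def remove_hardened(self, actor, photo_id, token):
        """Only the authenticated owner presenting the matching token can delete."""
        owner = self.photos.get(photo_id)
        if owner is None or actor != owner:
            return False
        if not hmac.compare_digest(self._token(photo_id, owner), token):
            return False
        del self.photos[photo_id]
        return True
```

The two changes that matter are in `report_hardened` and `remove_hardened`: the owner is looked up from the server's own record rather than taken from the request, and deletion requires both an authenticated session for that owner and a token bound to the (photo, owner) pair. Logging the mismatch rather than silently correcting it gives the SOC a signal for probing of this endpoint.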

Source: http://www.zdnet.com/facebook-flaw-allows-hackers-to-delete-any-photo-7000020124/


About Gregory D Evans

Gregory Evans is one of the world's greatest security consultants. Go to http://GregoryDEvans.com for more details.
