• Home
  • Submit News
  • Contact Us
  • sitemap
  • Betting Sites Not On Gamstop
  • UK Betting Sites Not On Gamstop
  • Posts
  • Comments
  • Email

The Hackers Post

  • Home
  • Security News
  • Hacking News
  • Defacements
  • Anonymous Hackers
  • Vulnerability
  • Cyber Crime
  • Malware
  • privacy

Facebook password reset vulnerability found by a security researcher

posted on January 8, 2013 by Nauman Ashraf in: facebook bug bounty, facebook hacking, facebook password reset vulnerability, fb account hacking, Sow Ching Shiong, Vulnerability, Zero Day Vulnerability
0
An independent vulnerability researcher, Sow Ching Shiong, found a way to change the password of any facebook username without knowing his last password. Facebook have fixed this very critical vulnerability. This flaw allow an attacker to change any facebook user’s password easily.

Facebook have a recovery page for compromised accounts “https://www.facebook.com/hacked”. when clicked, it redirected to another page
“https://www.facebook.com/checkpoint/checkpointme?f=[userid]&r=web_hacked”
the parameter f equals to the user id, if any user id is given, password can be changed without any proper authentication.

The vulnerability was very simple to execute. This vulnerability has been confirmed and patched by Facebook Security Team.

email
← Previous Next →
World Top 5 Hackers
World Top 5 Hackers

Subscribe

Feedburner counter
  • Follow @TheHackersPost
Avoid DataBreach

Recent Posts

  • Privacy: The Ultimate Junk Cleaner for Android and Windows
  • Iranian Cyber Police Arrested 240 M/W Shut Down about 900 Websites
  • Top 5 Best free VPN Apps for Android Phones to Protect Privacy
  • British Govt agency GCHQ releases “Cryptoy” Android app for Kids to teach Cryptography
  • Cheap Android smartphones pre-loaded with DeathRing Chinese malware

Popular Posts

  • SpeedVPN Top 5 Best free VPN Apps for Android Phones to Protect Privacy
  • Iranian cyber police Iranian Cyber Police Arrested 240 M/W Shut Down about 900 Websites
  • ccleaner Privacy: The Ultimate Junk Cleaner for Android and Windows

Random PostsRandom post

  • Edward Snowden Edward Snowden nominated for EU rights prize
  • AnonGhost1 144 Cyprus Website Hacked by AnonGhost
  • Malware-Android Cheap Android smartphones pre-loaded with DeathRing Chinese malware
  • Mcdonald Korea hacked McDonalds Korea Website Hacked by xXM3HM3TXx from Turkish Ajan Hacker Group
  • Allied Bank ABL - Allied Bank Limited Hacked by Xploiter

@TheHackersPost on Twitter

Tweets by @TheHackersPost
  • Submit News
  • Privacy Policy
  • DMCA Policy
  • Contact Us
Copyright © 2015 The Hackers Post | Entries (RSS) and Comments (RSS) powered by WordPress [Back to top ↑ ]

Subscribe to Get Latest Information Security Updates

  • Facebook

  • Twitter

    Follow @TheHackersPost
"); }; function set_modal_dialog_web_site_address( newAddress ) { jQuery('a.iframe').attr( 'href', newAddress ); }; function modal_dialog_close() { jQuery.colorbox.close(); } var cookievalue = jQuery.cookie('modal-dialog'); if (cookievalue == null) cookievalue = 0; jQuery(document).ready(function() { jQuery("a.inline").colorbox({ inline: true, returnFocus: false, overlayClose: false, closeButton: true, escKey: true, width: '600', height: '400', transition: "fade", overlayOpacity: 0.3 }); if (cookievalue