Download Guarded Profile Picture From Facebook
Facebook recently introduced a feature called Profile Picture Guard. It protect others from downloading your profile picture. If you want to know more about it, you can read it here Profile Picture Guard | Facebook Help.
When turning on Profile Picture Guard, Facebook assure you that no one else can download your profile picture. Really??? ๐๐๐ Never!!!
I worked some time on it to see how can I bypass this restriction. Tried calculating the url to cdn but it requires a signature to access the file. Tried to view image and change dimensions and the result is negative.
What's next?
Think out of the Box.
I think I should leave it and change my target first. Then I decided to test it from my another account to check is there a way to bypass it.
Opened the profile picture and copied the url. Then I opened incognito to login to other account. Went to the url that I copied earlier and I was about to type my username and password in the login form at the top of page. Suddenly a pop up came. Wow!!! There's the image I am looking for. Got it.
Reported the issue to facebook but they said
and closed it as informative.
Here's the PoC Video in case if you want.
Timeline
Mar 3 - Report Submitted.
Mar 6 - Kamala from Facebook Security replied that it is a test pilot test and closed as informative.
Contact me or Support me
Liked this post? Buy me a coffee
When turning on Profile Picture Guard, Facebook assure you that no one else can download your profile picture. Really??? ๐๐๐ Never!!!
I worked some time on it to see how can I bypass this restriction. Tried calculating the url to cdn but it requires a signature to access the file. Tried to view image and change dimensions and the result is negative.
What's next?
Think out of the Box.
I think I should leave it and change my target first. Then I decided to test it from my another account to check is there a way to bypass it.
Opened the profile picture and copied the url. Then I opened incognito to login to other account. Went to the url that I copied earlier and I was about to type my username and password in the login form at the top of page. Suddenly a pop up came. Wow!!! There's the image I am looking for. Got it.
Reported the issue to facebook but they said
and closed it as informative.
Here's the PoC Video in case if you want.
Timeline
Mar 3 - Report Submitted.
Mar 6 - Kamala from Facebook Security replied that it is a test pilot test and closed as informative.
Contact me or Support me
Liked this post? Buy me a coffee
why need to do such just do it by inspect element even u can have it
ReplyDeleteThere are another few methods too. One of them is http://graph.facebook.com/{user_id}/picture?width=1200&height=1200
DeleteCafรฉ Casino is already ์จ๋ผ์ธ์นด์ง๋ ธ a high contender in the online playing industry. This end result of|as a result of} of} its professional design, incredible promotions, and general clean gaming experience. Everything from the structure and game selection to the extent of customer service is first-rate.
ReplyDelete