Hacker Reveals How to Hack Any Facebook Account, Reported the bug to Facebook And Got Rewarded

Hacking a Facebook account is one of the major queries of Internet users today. It's hard to find out how to hack a Facebook account, but an Indian hacker just did it.

A security researcher discovered a 'simple vulnerability' in the social network that allowed him to easily hack into any Facebook account, view message conversations, post anything, view payment card details and do whatever the real account holder can.

Facebook bounty hunter Anand Prakash from India recently discovered a Password Reset Vulnerability, a simple yet critical vulnerability that could have given an attacker endless opportunities to brute force a 6-digit code and reset any account's password.

Here's How the Flaw Works

The vulnerability actually resides in the way Facebook's beta domains handle 'Forgot Password' requests.

Facebook lets users change their account password through the Password Reset procedure by confirming their Facebook account with a 6-digit code received via email or text message.

To verify that the user is genuine, Facebook allows the account holder to try up to a dozen codes before the account confirmation code is blocked by the brute force protection, which limits the number of attempts.

However, Prakash discovered that the social media giant had not implemented rate-limiting in its password reset process on the beta sites, beta.facebook.com and mbasic.beta.facebook.com, according to a blog post published by Prakash.

Prakash tried to brute force the 6-digit code on the Facebook beta pages in the 'Forgot Password' window and discovered that Facebook had set no limit on the number of attempts for the beta pages.

Here's the culprit:

As Prakash explained, the vulnerable POST request
in the beta pages is:

lsd=AVoywo13&n=XXXXX

Brute forcing the 'n' value successfully allowed Prakash to break into any Facebook account by setting a new password, taking complete control of the account.

Prakash (@sehacure) discovered the vulnerability in February and reported it to Facebook on February 22. The social network fixed the issue the next day and paid him $15,000 as a reward, considering the severity and impact of the vulnerability.
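
A server-side check that closes this kind of gap, as an added example (not Facebook's code and not taken from Prakash's post): the attempt counter is stored with the reset code and keyed by account, so every hostname that accepts the reset form spends the same budget. The class and function names, the 12-attempt limit, the 15-minute lifetime and the example.test hostnames are assumptions.

```python
import hmac
import secrets
import time

MAX_FAILURES = 12   # assumption: the article's "up to a dozen" tries
CODE_TTL = 15 * 60  # assumption: code lifetime in seconds


class ResetCodes:
    """One store of 6-digit reset codes, shared by every frontend host."""

    def __init__(self, clock=time.monotonic):
        self._clock = clock
        self._state = {}  # account -> [code, expiry, failures]

    def issue(self, account):
        code = f"{secrets.randbelow(10**6):06d}"
        self._state[account] = [code, self._clock() + CODE_TTL, 0]
        return code

    def verify(self, account, submitted, host):
        # `host` is for logging only. It is deliberately not part of the
        # key, so a request sent to a beta hostname spends the same
        # attempt budget as one sent to the main site.
        entry = self._state.get(account)
        if entry is None:
            return False
        code, expiry, _ = entry
        if self._clock() > expiry:
            del self._state[account]
            return False
        if hmac.compare_digest(code.encode(), str(submitted).encode()):
            del self._state[account]  # single use
            return True
        entry[2] += 1
        if entry[2] >= MAX_FAILURES:
            del self._state[account]  # burned: a fresh code is required
        return False


def demo():
    """Constructed scenario: wrong guesses alternate between two hostnames."""
    store = ResetCodes()
    real = store.issue("alice")
    hosts = ["www.example.test", "beta.example.test"]  # constructed names
    wrong = [g for g in (f"{n:06d}" for n in range(20)) if g != real]
    for i, guess in enumerate(wrong[:MAX_FAILURES]):
        store.verify("alice", guess, hosts[i % 2])
    return store.verify("alice", real, hosts[1])  # code already burned
```

After the twelfth wrong guess the code is deleted, so even the correct value is rejected until a new code is issued, whichever hostname the request arrives on.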
