blog


Vulnerability in Microsoft Edge could allowed to steal local files

It’s happened. While I was researching on Facebook I discovered a critical bug that an endpoint could allowed to download web pages automatically . Seems many of the fb pages have a user session containing full privileges user access_tokens etc which leads to Account Takeover. So, If we can create iframe with “https://example.com/?download=1” It will […]

Read More →

XSS on Facebook’s acquisition Oculus CDN

This issue is very similar to my previous report. I thought, I would check same issue exist on any other acquisition by “Facebook”. Luckily same issue was present on “oculuscdn.com”. Even without Interchanging any sub domains. Proof of concept There is an endpoint allowed developers to upload application assets in their Oculus account.. All assets […]

Read More →

XSS on Facebook-Instagram CDN Server bypassing signature protection.

Facebook and Instagram all photos/videos are stored on their CDN Server “*.fbcdn.net” and “*.cdninstagram.com” and they served via various sub-domains. Those all of the photos/videos on CDN Server contain a hash in the URL (various parameters ‘oh’ and ‘oe’ etc), which causes an error to be thrown if we modify the file extension.(eg. “.jpg” to […]

Read More →

Facebook Source Code Disclosure in ads API

Previously, I was much familiar with the “Windows NT” model & it’s “Windows Phone”. I see that many guys are actively hunting Bugs on Facebook easily & Receiving a Bug Bounty Awards. So I thought, I would also join with them to appear my name on Facebook Whitehat Page. Two time already listed on Microsoft […]

Read More →