Facebook Attach EXE Vulnerability……………..

0
213

Salam to all of tunerpage readers I am starting  a new post with a  facebook  tips we will see how to attach exe file on facebook..let’s see this ……

Facebook Attach EXE Vulnerability

Summary:
When using the Facebook ‘Messages’ tab, there is a feature to attach a file. Using this feature normally, the site won’t allow a user to attach an executable file. A bug was discovered to subvert this security mechanisms. Note, you do NOT have to be friends with the user to send them a message with an attachment.

Unlimited Web Hosting
Unlimited Web Hosting
Unlimited Web Hosting
Unlimited Web Hosting

Description:
When attaching an executable file, Facebook will return an error message stating:
“Error Uploading: You cannot attach files of that type.”

Facebook Error Uploading Facebook Attach EXE Vulnerability……………..

When uploading a file attachment to Facebook we captured the web browsers POST request being sent to the web server. Inside this POST request reads the line:

Content-Disposition: form-data; name=”attachment”; filename=”cmd.exe”

It was discovered the variable ‘filename’ was being parsed to determine if the file type is allowed or not.

To subvert the security mechanisms to allow an .exe file type, we modified the POST request by appending a space to our filename variable like so:

filename=”cmd.exe ”

Facebook Post Hack Facebook Attach EXE Vulnerability……………..

This was enough to trick the parser and allow our executable file to be attached and sent in a message.

Facebook Hot Stuff Facebook Attach EXE Vulnerability……………..

Thanks to all for reading this post…..

টিউনারপেজের নতুন টিউন আপনাকে ইমেইল করব?
Unlimited Web Hosting
Unlimited Web Hosting
Unlimited Web Hosting
Unlimited Web Hosting

মন্তব্য দিন আপনার