Thursday, January 27, 2011

Security Holes In Facebook

Do you know that anyone can update your Facebook status!!!!
Anyone can upload worms on Facebook!!!!
Not just you, even your friends are not safe!!!

Yes, it's true.
Following are some security holes in Facebook:

1. Profile Access
If you have activated Facebook Mobile, your account is in danger. The thing is, when you update your status or send any such command by phone, Facebook does not ask for your password. So all one has to do is send a message to Facebook such that it appears to be sent from your number. The trick is called spoof messaging. There are a lot of sites providing this service. One such site is http://www.smsglobal.com/ . They provide 25 free messages.
Using this hole anyone can:
  • Update your status
  • Message
  • Get Profile Information of your friends
  • Get cell phone number of your friends
  • Wall post
  • Poke
  • Add your friend
  • Write a note
  • Comment on your status
To do all this, one just needs your cellphone number registered on Facebook!!!

How to be safe: Do not activate Facebook Mobile.


2. Accessing Deleted Images
If you think that once you delete a photo it will not be visible to others, then you are wrong.
Once you delete an image, only its link is deleted, not the image. So if you have the link, you can still access a deleted image. So be careful with what you upload!!
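
The difference between deleting the link and deleting the image, as an added example that is not part of the original post. It is a toy photo store, not Facebook's implementation; the class, method names, key and sample bytes are all assumptions made up for illustration. It shows the behaviour described above next to two mitigations: purging the stored bytes on delete, and direct links that expire.

```python
import hashlib
import hmac

SECRET = b"constructed-demo-key"  # constructed sample value

class PhotoStore:
    """Toy model: album index (the 'link') plus blob storage (the image bytes)."""

    def __init__(self):
        self.blobs = {}  # blob_id -> image bytes, what the direct URL serves
        self.album = {}  # photo name -> blob_id, what the profile page lists

    def upload(self, name, data):
        blob_id = hashlib.sha256(data).hexdigest()[:16]
        self.blobs[blob_id] = data
        self.album[name] = blob_id
        return blob_id

    def delete_link_only(self, name):
        self.album.pop(name)  # as described in the post: entry goes, bytes stay

    def delete_and_purge(self, name):
        self.blobs.pop(self.album.pop(name), None)  # entry and bytes both go

    def sign(self, blob_id, expires):
        msg = f"{blob_id}:{expires}".encode()
        return hmac.new(SECRET, msg, hashlib.sha256).hexdigest()

    def fetch_direct(self, blob_id):
        return self.blobs.get(blob_id)  # anyone holding the id gets the bytes

    def fetch_signed(self, blob_id, expires, sig, now):
        # Direct link that also carries an expiry and a MAC over (id, expiry).
        if now > expires or not hmac.compare_digest(sig, self.sign(blob_id, expires)):
            return None
        return self.blobs.get(blob_id)

def demo():
    s = PhotoStore()
    a = s.upload("party.jpg", b"constructed image bytes A")
    b = s.upload("beach.jpg", b"constructed image bytes B")
    sig = s.sign(b, expires=1000)
    s.delete_link_only("party.jpg")
    leaked = s.fetch_direct(a)                      # still served after "delete"
    live = s.fetch_signed(b, 1000, sig, now=900)    # valid link, not yet expired
    stale = s.fetch_signed(b, 1000, sig, now=1001)  # same link after expiry
    s.delete_and_purge("beach.jpg")
    purged = s.fetch_direct(b)                      # bytes are gone
    return leaked, live, stale, purged
```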

3. Facebook is vulnerable to Worms
Facebook can be infected with worms by creating an application. The recent rotating images worm proves it. It posted status messages automatically, looking something like this:
Hi Friends see Face-book images rotate 360* see here >> http://SHADYCLOUDS.TK/
Really cool Facebook revolving images. MUST SEE http://rotatingimage2.tk/ .
Some are calling it a “social XSS” attack, i.e. a script posted by a friend tempts you to run the same script from your address bar. Any such script runs as if it was hosted on facebook.com and can do everything that the logged-in user can do (unless Facebook detects and catches the malicious automated action).
How to be safe: Do not allow access to any application unless you completely trust it.

Note: I do not intend to cause damage to the social image of Facebook in any form. This tutorial is for educational purposes only. I am not responsible for misuse of the information posted in any form.
