Lee web Design

  • Home
  • Products
    • Furniture & Accessories
    • Garden Supply
    • Hardware & Materials
    • Home Tech
  • Designer Collection
  • Typography
  • Accessories
  • Web Design
  • Lifestyle
  • Latest Internet News

Facebook Fixes Flaw That Could’ve Let Anyone Access Your Account

March 14, 2016 , Sristy , Comments Off on Facebook Fixes Flaw That Could’ve Let Anyone Access Your Account

Facebook Fixes Flaw That Could've Let Anyone Access Your Account

Facebook has awarded a sum of $15,000 (roughly Rs. 1,010,000) to an India-born security researcher. Anand Prakash received the bug bounty from Facebook after disclosing a vulnerability in the social juggernaut’s website that enabled an attacker to gain access to anyone’s account.

Prakash discovered a vulnerability on Facebook website that allowed him to change the user account password for any account. He reported the vulnerability to Facebook last month and the company has since patched it. Prakash has now shed light on the vulnerability, and also demonstrated it in works on a video.

The security hole resided in company’s developer portal, beta.facebook.com, which is designed for developers to perform tests before rollout to the general public. Facebook sends users a 6-digit code over email or text message upon password reset request. To prevent abuse or potential ill intents, Facebook allows only a certain number of attempts. Turns out, over at the beta website, a user could make any number of guesses.

In a blog post, Prakash wrote that he utilised Burp Suite, a popular testing tool. Prakash noted that because it’s only a six-digit number, and brute forcing password is possible, it was not impossible to crack into someone’s account, guessing the reset password.

“[…] I looked out for the same issue on beta.facebook.com and mbasic.beta.facebook.com and interestingly rate limiting was missing on forgot password endpoints,” he wrote in a blog post. “I tried to takeover my account ( as per Facebook’s policy you should not do any harm on any other users account) and was successful in setting new password for my account. I could then use the same password to login in the account.”

Download the Gadgets 360 app for Android and iOS to stay up to date with the latest tech news, product reviews, and exclusive deals on the popular mobiles.

Tags: Bug Bounty, Facebook, Security, Social, Social Network, Vulnerability
[“source-Gadgets”]

Share this:

  • Facebook
  • LinkedIn
  • Reddit
  • Twitter
  • Tumblr
  • Pinterest
  • WhatsApp

Posted in Latest Internet News. Tagged as Access, Account, Anyone, Could've, Facebook, Fixes, Flaw, Let, that, Your

Next Post →

Women Spending More Time on Search, Says Google India

← Previous Post

Google Sides With Facebook Amid Data-Dominance Investigation

Author

Sristy

Related Posts

Fast Internet providers in Illinois: Associating People group and Engaging Lives

September 9, 2024 , admin , Comment Closed

Work Well, Do Good: Empowering Your Team with Smart and Sustainable Supplies

June 8, 2024 , admin , Comment Closed

Top 5 Digital Marketing Tips for Startups

June 6, 2022 , admin , Comment Closed

Get Newsletter Daily

Trending News

Why Does Great Web Design Take So Long?

May 7, 2018 , Loknath Das, Comment Closed

GirnarSoft Acquires Roadside Assistance Firm Help On Wheels

April 8, 2016 , Sristy, Comment Closed

Facebook Unveils New Community Help, Safety Check, Donation and Non-Profit Partnership Tools

December 18, 2016 , Sristy, Comment Closed

Mobile transactions boost rise in online furniture sales

August 31, 2018 , Loknath Das, Comment Closed

India Funding Roundup: A Pre-Owned Fashion Marketplace, E-Commerce Enabler, and More

March 12, 2016 , Sristy, Comment Closed

Postblazer Manages Multiple Social Media Accounts: Here’s How

January 31, 2017 , Sristy, Comment Closed

Reproductive Health Tracker LoveCycles Secures Funding, Adds Hindi Language Support

March 14, 2016 , Sristy, Comment Closed

Laucke hits out at Woolworths after three more products dumped from the supermarket’s shelves

November 22, 2017 , Loknath Das, Comment Closed

Reliance Jio Launch, IFA 2016, and Other Tech That Made Headlines This Week

December 17, 2016 , Sristy, Comment Closed

Find Us !

Find Us !

Follow me on Twitter

My Tweets

Latest Pins on Pinterest

  • These lemon tartlets are the perfect way to cool down this summer! With a smooth lemon curd filling and mini tart crust, they’re a tangy bite of sweetness that’s sure to impress. Try them for your next party or special occasion!

  • These easy to make, delicious greek yogurt protein powder muffins are an amazing greek yogurt protein recipe. These protein muffins make the perfect breakfast for school mornings or after workout recovery breakfast for mom and dad.

  • Follow Me on Pinterest
  • Home
  • Privacy Policy
  • Contact Us!

© Lee web Design 2025. Powered by WordPress & FancyThemes