Facebook fixes a bug that allowed anyone to access your account

Mar 9, 2016

Facebook awarded $15,000 through its financial rewards program to security researcher Anand Prakash, in return for finding and reporting a serious flaw in account security on the social network that allowed an attacker to access user accounts.

Prakash discovered the flaw last month on a Facebook site. It allowed an attacker to change the password of a user account, and he reported it to the network.

The company has fixed the problem and closed the security gap, and Prakash has now shed light on the weakness, explaining it in a video posted on the Internet.

The vulnerability existed in the experimental developer version of the site, beta.facebook.com, which is designed for developers to run tests before changes launch to general users.

When a password reset is requested for a user account, the network sends a password reset code consisting of 6 digits via e-mail or text message.

The main site allows only a specific number of attempts to reset the password, so as to prevent attacks or attempts to steal accounts, while the pilot site accepted an unrestricted number of guesses.

Prakash wrote in a post published on his official website that he used the well-known testing tool Burp Suite. Since the code consists of six digits, a brute-force search for the code is feasible, and an attacker could access someone's account by guessing the password reset code.

Brute force, or exhaustive search, is a way of searching for the answer to a problem that relies on generating candidate solutions and testing them. It is one of the simplest and most widespread approaches to solving general problems, because it considers every possible solution and tries each one.
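The attempt limit described above only protects accounts if every front end enforces it. The following sketch is an added example, not Facebook's code or anything from Prakash's post: it keeps the failure counter with the account rather than with the host, so guesses sent to the main site and to a beta site draw on the same budget. The class name, the limit of 5 attempts and the 10-minute code lifetime are assumptions made for illustration.

```python
import hmac
import secrets
import time

MAX_ATTEMPTS = 5          # assumed limit; the article gives no number
CODE_TTL_SECONDS = 600    # assumed lifetime of a reset code


class ResetCodeStore:
    """Pending reset codes keyed by account and shared by every front end."""

    def __init__(self, clock=time.monotonic):
        self._clock = clock
        self._pending = {}  # account -> [code, expires_at, failures]

    def issue(self, account):
        code = f"{secrets.randbelow(10**6):06d}"  # 6 digits, as in the article
        self._pending[account] = [code, self._clock() + CODE_TTL_SECONDS, 0]
        return code  # a real system delivers this by e-mail or text message

    def verify(self, account, submitted, host):
        # `host` is accepted only to show that it plays no part in the
        # decision: the counter belongs to the account, not the front end.
        entry = self._pending.get(account)
        if entry is None:
            return "no_pending_code"
        code, expires_at, failures = entry
        if self._clock() >= expires_at:
            del self._pending[account]
            return "expired"
        # Constant-time comparison of the stored and submitted codes.
        if hmac.compare_digest(code.encode(), str(submitted).encode()):
            del self._pending[account]  # a code is valid for one use only
            return "ok"
        entry[2] = failures + 1
        if entry[2] >= MAX_ATTEMPTS:
            del self._pending[account]  # code is burned; a new one must be issued
            return "locked"
        return "wrong_code"
```

With five attempts against a six-digit code, a guesser's chance of success per issued code is 5 in 1,000,000, and once the code is burned even the correct value is rejected.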
