Header#RAWPASTE #FACEBOOK #UGETIT? #FACE #BOOK #LULZ #SECURE #MIRRORS @CannibalSecMirror 1: http://www.anonpaste.me/anonpaste2/index.php?b2e741b1ded1f93b #crtF5HouxNltwm5WgW7r6dzaKDLkJETXnksmiiSpJfs=Mirror 2: http://www.anonpaste.me/anonpaste2/index.php?d077018d732ae7f3 #wjgnIVsYzvqHAbtQWOwfSgYtaV7/19j8vC7foA7y1CY= FACEBOOK EXPLOIT AND VUNERABILITYS FOUNDED BY: #CANNIBALSEC============================================================================Exploit 1: Cross-domain JavaScript source file inclusionThe page at the following URL includes one or more script files from a third-party domainhttp://www.facebook.com/badges/?ref=pfhttp://b.static.ak.fbcdn.net/rsrc.php/v2/y6/r/Oczn1YJD530.jsHow to fix??------------Ensure JavaScript source files are loaded from only trusted sources, and the sources can't be controlled by end users of the application============================================================================Exploit 2: Cookie set without HttpOnly flagA cookie has been set without the HttpOnly flag, which means that the cookie can be accessed by JavaScript. If a malicious script can be run on this page then the cookie will be accessible and can be transmitted to another site. If this is a session cookie then session hijacking may be possible.http://www.facebook.com/directory/people/reg_ext_ref=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.comSolutionHow to fix??--------------Ensure that the HttpOnly flag is set for all cookies.============================================================================Exploit 3: Cross Site Request ForgeryA cross-site request forgery is an attack that involves forcing a victim to send an HTTP request to a target destination without their knowledge or intent in order to perform an action as the victim. The underlying cause is application functionality using predictable URL/form actions in a repeatable way. The nature of the attack is that CSRF exploits the trust that a web site has for a user. By contrast, cross-site scripting (XSS) exploits the trust that a user has for a web site. Like XSS, CSRF attacks are not necessarily cross-site, but they can be. Cross-site request forgery is also known as CSRF, XSRF, one-click attack, session riding, confused deputy, and sea surf.http://www.facebook.com/appcenter/category/music/?ref=pfHow to fix??--------------Use a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.============================================================================Exploit 4: X-Content-Type-Options header missingThe Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'http://www.facebook.com/privacy/explanationHow to fix??-------------This check is specific to Internet Explorer 8 and Google Chrome. Ensure each page sets a Content-Type header and the X-CONTENT-TYPE-OPTIONS if the Content-Type header is unknown.============================================================================Exploit 5: X-Frame-Options header not setX-Frame-Options header is not included in the HTTP response to protect against 'ClickJacking' attackshttp://www.facebook.com/privacy/explanationHow to fix??---------------Most modern Web browsers support the X-Frame-Options HTTP header, ensure it's set on all web pages returned by your site (if you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY.============================================================================Exploit 6: Information disclosure - sensitive information in URLThe request appeared to contain sensitive information leaked in the URL. This can violate PCI and most organizational compliance policies. You can configure the list of strings for this check to add or remove values specific to your environmenthttp://www.facebook.com/photo.php?v=4809778200644the URL contains credit card informations. Parameter: v, value: 4809778200644How to fix???-------------Do not pass sensitive information in URI's============================================================================Exploit 7: Password Autocomplete in browserAUTOCOMPLETE attribute is not disabled in HTML FORM/INPUT element containing password type input. Passwords may be stored in browsers and retrieved.http://www.facebook.com/r.phpHow to fix??---------------Turn off AUTOCOMPLETE attribute in form or individual input elements containing password by using AUTOCOMPLETE='OFF'============================================================================Exploit 8: Cookie set without secure flagA cookie has been set without the secure flag, which means that the cookie can be accessed via unencrypted connections.https://www.facebook.com/ajax/intl/language_dialog.php?uri=https%3A%2F%2Fwww.facebook.com%2Fomaha%2Fdatr=6Nn_UDgHVa7GDn6y0D3JRQtJ; expires=Fri, 23-Jan-2015 12:39:04 GMT; path=/; domain=.facebook.com; httponlyHow to fix??------------Whenever a cookie contains sensitive information or is a session token, then it should always be passed using an encrypted tunnel. Ensure that the secure flag is set for cookies containing such sensitive information.============================================================================Footer
Catch Us On Google+◙ Stay Connect with Us:- Facebook § Twitter § Google+ § LinkedIn § YouTube § Email Us ◙
Article written by Niraj kashyap [ Admin ]NiRaj KashYap aka Root_Crawler is Founder and Editor-In-chief of TheHackersBlog. Also he is a Certified Information Security Expert [C.I.S.E], Web-Designer, PHP programmer. Blogger and a Strong Supporter of Anonymous and WikiLeaks. My Effort is to make Security Much Stronger. .
▲Want to SUBMIT you News ◙
Click Me↓ ( its Totally Free ) ◙
||| Or Want to Write For Us ◙
Click Me ◙ ▲
THE ARTICLE IN THIS POST IS FOR INFORMATIVE AND EDUCATIONAL PURPOSE ONLY..FOR MORE INFORMATION OR FOR ANY QUERIES CONTACT US.
