13 matches found
Rockstar Games: Image Injection vulnerability in www.rockstargames.com/IV/screens/1280x720Image.html
In this report, the researcher demonstrated a method to chain together separate vulnerabilities that, under certain conditions, could cause a user's Facebook Oauth tokens to leak via the Referer header. The specific vulnerability that was addressed in this report was the image injection component...
Rockstar Games: Image Injection vulnerability on screenshot-viewer/responsive/image may allow Facebook OAuth token theft.
In this report, the researcher identified a series of vulnerabilities that could be exploited together to exfiltrate sensitive user tokens. In this attack chain, one critical step was an image injection vulnerability in the Screenshot-Viewer function on the main site, at...
Rockstar Games: Image Injection on www.rockstargames.com/screenshot-viewer/responsive/image may allow facebook oauth token theft.
In this report, the researcher identified an image injection vulnerability in our screenshot-viewer utility on rockstargames.com. One of the input parameters utilized was not being properly filtered, and external URLs could be referenced, allowing off-site images to be called. This issue was...
Rockstar Games: Image Injection vulnerability affecting www.rockstargames.com/careers may lead to Facebook OAuth Theft
In this report, the researcher demonstrated a method to chain together separate vulnerabilities that, under certain conditions, could cause a user's Facebook Oauth tokens to leak via the Referer header. The specific vulnerability that was addressed in this report was the image injection component...
Rockstar Games: Stealing Facebook OAuth Code Through Screenshot viewer
In this report, the researcher demonstrated a way to combine multiple vulnerabilities to potentially allow an attacker to extract Oauth tokens from a victim's session. This was done by taking advantage of an image injection vulnerability in the Screenshot Viewer utility as well as additional...
Rockstar Games: Smuggle SocialClub's Facebook OAuth Code via Referer Leakage
In this report, the researcher provided a POC in which they were able to combine two issues to create a condition that potentially could have allowed an attacker to obtain OAuth tokens. One of the issues involved allowing external content to load in our Screenshot Viewer tool; we resolved this...
Uber: Chained Bugs to Leak Victim's Uber's FB Oauth Token
The Facebook OAuth application was misconfigured to allow any URL that followed the https://auth.uber.com/login? format to be provided as a redirecturi. By taking advantage of this, @ngalog was able to discover that the nexturl parameter could be added to the redirecturi allowing it to be chained...
Gratipay: configure a redirect URI for Facebook OAuth
Hey, Its me again. since the Login with Facebook doesnt have a dedicated directory like gratipay.com/facebook/callback it is possible to still steal access tokens...
Hacking Instagram Accounts using OAuth vulnerability
'Nir Goldshlager' known as Facebook hacker and founder of Break Security , who reported many critical bugs in Facebook OAuth mechanism in past few months, today disclose a critical vulnerability in Instagram Oauth that allow an attacker to hack any account. Succesful hack allows attacker to acces...
Another way to hack Facebook accounts using OAuth vulnerability
In recent few months White hat Hacker ,'Nir Goldshlager' reported many critical bugs in Facebook OAuth mechanism, that allowed an attacker to hijack any Facebook account without user's interaction. Another hacker, 'Amine Cherrai' reported a new Facebook OAuth flaw, whose exploitation is actually...
Another way to hack Facebook accounts using OAuth vulnerability
In recent few months White hat Hacker ,'Nir Goldshlager' reported many critical bugs in Facebook OAuth mechanism, that allowed an attacker to hijack any Facebook account without user's interaction. Another hacker, 'Amine Cherrai' reported a new Facebook OAuth flaw, whose exploitation is actually...
Facebook hacking accounts using another OAuth vulnerability
Remember the last OAuth Flaw in Facebook, that allow an attacker to hijack any account without victim's interaction with any Facebook Application, was reported by white hat Hacker 'Nir Goldshlager'. After that Facebook security team fixed that issue using some minor changes. Yesterday Goldshlager...
Facebook OAuth flaw allows gaining full control over any Facebook account
Facebook OAuth is used to communicate between Applications & Facebook users, to grant additional permissions to your favorite apps. To make this possible, users have to 'allow or accept' the application request so that app can access your account information with required permissions. As a normal...