|
Full Disclosure
mailing list archives
Fake messages and chat bug in Facebook
From: Matteo Fabbri <matteo () phascode org>
Date: Fri, 29 Jun 2012 21:08:41 +0200
Knowing the user registration email is possible to send fake messages /
chat to facebook users.
The only thing required is a fake mail with as the sender the victim
registration email addressed to the facebook ids followed by "@facebook.com
"
Example:
from victim.email () hotmail com to friend1 () facebook com, friend2 () facebook com
..
Sent email will be shown in Facebook like a private message (or chat if
multiple recipients are specified) sent by the Facebook account of the
victim.
(Previously reported vulnerabilities to Facebook)
Matteo Fabbri
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
 By Date 
By Thread
Current thread:
- Fake messages and chat bug in Facebook Matteo Fabbri (Jul 02)
| 
