Full Disclosure mailing list archives
Fake messages and chat bug in Facebook
From: Matteo Fabbri <matteo () phascode org>
Date: Fri, 29 Jun 2012 21:08:41 +0200
Knowing the user registration email is possible to send fake messages / chat to facebook users. The only thing required is a fake mail with as the sender the victim registration email addressed to the facebook ids followed by "@facebook.com " Example: from victim.email () hotmail com to friend1 () facebook com, friend2 () facebook com. .. Sent email will be shown in Facebook like a private message (or chat if multiple recipients are specified) sent by the Facebook account of the victim. (Previously reported vulnerabilities to Facebook) Matteo Fabbri
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Fake messages and chat bug in Facebook Matteo Fabbri (Jul 02)