Facebook is the largest social network in the world and holds the number-2
Alexa rank. Since its launch in 2004, Facebook has been the number one
target for hackers, and "Facebook hacking"
is among the most searched terms on Google. Recently Facebook has hired world-
leading security experts to secure its website. Moreover, Facebook also
pays $500 to anyone who can identify any sort of vulnerability inside Facebook.
The Facebook team has done a wonderful job; it is now really hard to get
into Facebook. They have increased the security of the system and removed
all the social engineering holes. However, the problem is that Facebook
applications are not coded or monitored by Facebook, and it is also not
possible for Facebook to monitor every single app for vulnerabilities.
These Facebook apps are mostly coded by ordinary programmers who are not
well aware of how code is written securely, which leaves Facebook apps
riddled with common vulnerabilities like XSS (cross-site scripting),
clickjacking, remote file inclusion, etc. Out of all of these web
application vulnerabilities, remote file inclusion (RFI) is a very common web
application attack; it occurs because the application does not
validate the files it includes. According to Imperva, 21% of the apps on Facebook are vulnerable to remote file inclusion attacks.
Here's how Facebook hacking takes place:

Step 1: The attacker creates a malicious JPG file, because uploading PHP is mostly banned on web servers with user-level privileges. Therefore the hacker renames a PHP shell to something like shell.php.jpg in order to upload it to the web server.

Step 2: Next the hacker exploits the RFI vulnerability in order to reference the malicious JPG, where the parameter is something like:

.php?page=url of your malicious image

Step 3: Next the attacker takes control of the server by just going to the URL of the JPG image.
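As an added illustration (not code from the original post or from Imperva's report), here is the include pattern behind a `.php?page=...` parameter next to an allowlisted version of the same handler; the page names and file paths are assumed placeholders:

```php
<?php
// Added example: the vulnerable include pattern the post describes, followed
// by a hardened version that maps the "page" value through an allowlist.
// The page names and paths below are assumed placeholders, not real files.

// --- Vulnerable: what ".php?page=<url>" looks like in code ---
// With allow_url_include enabled, include() fetches the remote URL and runs
// it as PHP regardless of its extension, which is why a renamed shell.php.jpg
// still executes. Even with remote includes off, this remains a local file
// inclusion bug because the request controls the path.
function render_page_vulnerable(): void
{
    include $_GET['page'];
}

// --- Hardened: allowlist the page name; never build a path from input ---
const PAGES = [
    'home'    => __DIR__ . '/pages/home.php',
    'about'   => __DIR__ . '/pages/about.php',
    'contact' => __DIR__ . '/pages/contact.php',
];

// Exact-match lookup: a URL, a "../" sequence, or a ".jpg" suffix can never
// match a key, so the request cannot influence which file is included.
function resolve_page(string $requested): ?string
{
    return PAGES[$requested] ?? null;
}

function render_page_hardened(): void
{
    $requested = $_GET['page'] ?? 'home';
    $target = resolve_page($requested);
    if ($target === null) {
        // Log rejected values: a stream of these is a useful detection signal.
        error_log('rejected page parameter: ' . substr($requested, 0, 200));
        http_response_code(404);
        echo 'Page not found';
        return;
    }
    include $target;
}

// Defence in depth: allow_url_include (and ideally allow_url_fopen) should be
// Off in php.ini. They are PHP_INI_SYSTEM settings, so ini_set() cannot change
// them at runtime; the check below only reports the current state.
function remote_includes_disabled(): bool
{
    return !filter_var(ini_get('allow_url_include'), FILTER_VALIDATE_BOOLEAN);
}
```

With this shape, `resolve_page('http://example.invalid/shell.php.jpg')` returns null and the request is logged and rejected rather than included.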
Mitigation:

Imperva suggests a four-step mitigation process, which can be found in the image below. However, it includes the deployment of a web application firewall; what if someone is not using a WAF, how will they be protected?

This is how Facebook hacking takes place.